
RE: Traffic Selectors (was SA fragments)
Since these documents are about to go to Last Call 
(and I have been there before), this will be my last email
on this subject.
The thread is not productive other than raising my blood pressure :-)

And finally my apologies to the WG and Steve Kent specifically for
dragging on this thread longer than it needed to be and not engaging
in the conversation 3 years ago.

However, I would love to hear private/public opinions to the
semi-coherent thought train that I wrote below:

----------------

How come I have not seen IPSEC policy specified
that contains TCP/UDP port selectors in reports from
the field?

Then I realized, when I use an SSL enabled POP client
to get my email, I am in fact using transport layer security
with TCP port numbers.
When I check my bank account balance, there again, SSL.

So answering Nicolas's question about multi-user trusted OS,
if I am an application developer and I have the SSL API available
to me, why do I trust the network layer to provide me
with the security? I don't, I use SSL or transport layer security.
One could also argue that this makes the application more robust
since it is not dependent on a lower layer for security.

If IP is the network layer, and IPSEC is a network layer
protocol, why does a network layer security protocol
care about transport layer traffic selectors? 

Is the inclusion of transport layer traffic selectors (TCP/UDP ports)
an optimization in the original design? Or is it now a redundant
feature with the pervasive deployment of SSL/TLS?

Would application developers actually
ever trust the network layer to provide them with the security that
they need? How can an application trust the network administrator
(especially in a shared system)
to correctly configure security on a per transport layer demux 
port basis especially when money or financial information
is involved? That is, unless everyone is sharing the same security
policy in which case the port-based selectors are not needed.

If all one wants to do is secure a particular application running
over a specific but not pre-determined port (dynamic), then is
transport layer security the easier way to go?

Only time and deployment
experience will tell the rest of the story in terms of what
features get used or are left to die. However, if the recent
uptake in SSL-VPNs (search google/light reading for market predictions) 
is an indication, we have interesting times ahead.

Regards,

Bora
-- Sleepless SW Engineer in San Jose
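For readers who have not seen port-based selectors in the field, the following is an added example that is not part of Bora's message or of any IPsec implementation: a minimal outbound Security Policy Database lookup in the style of RFC 4301, with selectors on address range, next-layer protocol and port range. The host address, the mail server address (taken from the RFC 5737 documentation ranges), the SPD entries and the packets are all constructed for illustration. It shows the two things the message argues about: a port selector does let an administrator protect only POP3 while leaving other traffic to the same server in the clear, and the selector sees nothing but the 5-tuple, so it cannot tell which user or process on a shared host originated the packet, nor follow an application whose port is not known in advance.

```python
"""Added example (not from the original post): an RFC 4301-style outbound
SPD lookup with transport-layer (port) selectors. All addresses, ports and
policy entries below are constructed sample data."""

import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Next-layer protocol numbers as carried in the IP header.
TCP = 6
UDP = 17
ANY_PROTO: Optional[int] = None  # wildcard protocol selector
ANY_PORT: Tuple[int, int] = (0, 65535)  # wildcard port range (inclusive)


@dataclass(frozen=True)
class Packet:
    """The only facts a network-layer selector can see: the 5-tuple."""
    src: str
    dst: str
    proto: int
    sport: int
    dport: int


@dataclass(frozen=True)
class Selector:
    """Outbound traffic selector: local side is the packet source."""
    local_net: str
    remote_net: str
    proto: Optional[int] = ANY_PROTO
    local_ports: Tuple[int, int] = ANY_PORT
    remote_ports: Tuple[int, int] = ANY_PORT

    def matches(self, pkt: Packet) -> bool:
        if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(self.local_net):
            return False
        if ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(self.remote_net):
            return False
        if self.proto is not ANY_PROTO and self.proto != pkt.proto:
            return False
        lo, hi = self.local_ports
        if not lo <= pkt.sport <= hi:
            return False
        lo, hi = self.remote_ports
        return self.remote_ports[0] <= pkt.dport <= self.remote_ports[1]


@dataclass(frozen=True)
class SPDEntry:
    selector: Selector
    action: str  # "PROTECT", "BYPASS" or "DISCARD"


def lookup(spd: List[SPDEntry], pkt: Packet) -> str:
    """First-match SPD search; RFC 4301 says an unmatched packet is dropped."""
    for entry in spd:
        if entry.selector.matches(pkt):
            return entry.action
    return "DISCARD"


# Constructed SPD for a client host 10.0.0.5 (assumed) talking to a mail
# server 192.0.2.10 (assumed, RFC 5737 documentation range):
#   1. POP3 (TCP/110) to the mail server is protected by IPsec.
#   2. Everything else to the 192.0.2.0/24 server network is sent in the clear.
#   3. Anything else falls through to the implicit DISCARD.
SAMPLE_SPD: List[SPDEntry] = [
    SPDEntry(Selector("10.0.0.0/24", "192.0.2.10/32", TCP, remote_ports=(110, 110)), "PROTECT"),
    SPDEntry(Selector("10.0.0.0/24", "192.0.2.0/24"), "BYPASS"),
]


def classify(pkt: Packet) -> str:
    """Convenience wrapper over the constructed SPD."""
    return lookup(SAMPLE_SPD, pkt)


if __name__ == "__main__":
    pop3 = Packet("10.0.0.5", "192.0.2.10", TCP, 40000, 110)
    http = Packet("10.0.0.5", "192.0.2.10", TCP, 40001, 80)
    # A second process (or user) on the same host hitting the same port is
    # indistinguishable at this layer: same 5-tuple shape, same verdict.
    other_user_pop3 = Packet("10.0.0.5", "192.0.2.10", TCP, 40002, 110)
    # An application on a dynamically chosen port is not covered by entry 1.
    dynamic = Packet("10.0.0.5", "192.0.2.10", TCP, 40003, 51234)
    elsewhere = Packet("10.0.0.5", "198.51.100.1", UDP, 5000, 53)
    for name, p in [("pop3", pop3), ("http", http), ("other user pop3", other_user_pop3),
                    ("dynamic port", dynamic), ("elsewhere", elsewhere)]:
        print(f"{name:16s} -> {classify(p)}")
```

The lookup is deliberately first-match over an ordered list, which is how SPD entries are evaluated; reordering the two entries would silently widen the BYPASS rule to swallow POP3, which is exactly the class of administrator error the message worries about on a shared system.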