[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [IPSECKEY] Security Considerations
On Tue, May 20, 2003 at 09:49:29AM +0200, Jean-Jacques Puig wrote:
> On Mon, May 19, 2003 at 02:26:14PM -0400, Rob Austein wrote:
> > Is it the intention of this WG that the IPSECKEY RR be useful in an
> > environment which does not (somehow) provide data origin
> > authentication and data integrity protection for the IPSECKEY RR?
>
> My opinion is also "no" (well, I mean it is not 'my' intention "that the
> IPSECKEY RR etc."). But I would be interested in the explanations of
> someone who would say "yes" here (pure curiosity :).
Sorry, I realized reading `comments and nits` from Mr Austein that I
possibly misunderstood his words.
IMHO, express an 'intent' is not the same as to 'order': the former
expresses itself with SHOULD while the later expresses with MUST.
Rephrasing my answer:
"no, it is not my intention that the IPSECKEY RR ... which does not
(somehow) ... for the IPSECKEY RR BUT I don't care if someone uses this
RR in such an environment."
> 4. Security Considerations
>
> | This entire memo pertains to the provision of public keying material
> | for use by key management protocols such as ISAKMP/IKE (RFC2407) [7].
>
> | Implementations of DNS servers and resolvers SHOULD take care to make
> | sure that the keying material is delivered intact to the end
> | application. The use of DNSSEC to provide end-to-end integrity
> | protection is strongly encouraged.
>
> May be 'strongly encouraged' is a bit... strong :). Why not something
> like:
>
> % Implementations of DNS servers and resolvers SHOULD take care to make
> % sure that the keying material is delivered intact to the end
> % application. End to end integrity can be achieved, for instance,
> % through the use of DNSSEC [8].
This is where we disagree I think. SHOULD is perfectly suitable here
(IMHO), and MUST would be more than expressing an intent: it would
express a requirement.
2119:
1. MUST This word, or the terms "REQUIRED" or "SHALL", mean that the
definition is an absolute requirement of the specification.
I don't think it is a up to the wg to make DNSSEC or any other mecanism
mandatory. We surely can provide advices though.
>
> | The semantics of this record is outside of the scope of this
> | document, so no advice for users of this information is provided.
> | Any user of this resource record MUST carefully document their trust
> | model, and why the trust model of DNSSEC is appropriate.
--
Jean-Jacques Puig
-
This is the IPSECKEY@sandelman.ca list.
Email to ipseckey-request@sandelman.ca to be removed.