[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [IPSECKEY] Security Considerations



I'll defer to all the Real Security Geeks in the (virtual) room on
whether the analysis is technically correct, but the revised Security
Considerations look pretty good to me.

Nits:

At Tue, 20 May 2003 15:32:39 -0400, Michael Richardson wrote:
> 
>    If the attacker was not able to subsequently mount a second man-in-

s/was/were/

>    If the attacker was also in a position to perform a man-in-the-middle

s/was/were/

>    attack on IKE and IPsec negotiations as well, then it would be a

s/it would be/the attacker would be in/

>    position to compromise the resulting IPsec channel.  Note that an
>    attack must be able to perform active DNS attacks on both sides of

s/an attack/an attacker/

>    The semantics of when to use this record is outside of the scope of
>    this document.  Any user of this resource record MUST carefully
>    document their trust model, and why the trust model of DNSSEC is
>    appropriate, if that is the secure channel used.

No objection to what I think is the intent of the text here, but
"semantics" just doesn't sound right in this context.  I'm page
faulting on what the right word would be, it's somewhere in the
neighborhood of "implementation and operational policy decision", but
I haven't thought of the right word yet.  Leave it as it stands if
nobody can think of a better way of phrasing this, but I suspect that
the current phrasing is going to confuse people.

Thanks!
-
This is the IPSECKEY@sandelman.ca list.
Email to ipseckey-request@sandelman.ca to be removed.