|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: Security Use RequirementsDavid, > There's no such thing as a perfect security mechanism that is secure from > all attacks for all time. The reason for using off-the-shelf mechanisms > like IPSec and TLS is that peer review in the security community has > eliminated not only all of the obvious problems, but also all of the > non-obvious ones that have turned up. Asking for a mechanism that is > guaranteed to be immune from all possible attacks is a veiled argument > for no security, and is hence nonsense. > > Assuming that keys that are supposed to remain secret do remain secret, > TLS and IPSec are safe from all of the obvious man-in-the-middle attacks > *when properly configured* and are likewise safe from the obvious > spoofing attacks provided that the key distribution mechanism used > works correctly (which can be a tall assumption). In some cases, > other components also need to be secured, for example, if DNS > names are used as identities, DNS may have to be secured via > something like DNSSEC depending on how DNS is used. My comment was not a veiled argument for no security but rather an open question. I would wish to argue for only mandating authentication and integrity and make privacy an option. If to follow NFS and use of GSS-API (http://www.ietf.org/rfc/rfc1961.txt) as mentioned by David Robinson, with recommend (Kerberos V5) (http://web.mit.edu/kerberos/www/) and Internet size security (Lipkey) (http://www.ietf.org/rfc/rfc2847.txt for authentication and integrity where perhaps just the dynamic portion of the PDU headers are encrypted as a type of checksum. Privacy seems like an expensive proposition to make mandatory for the entire data payload. System as well as security management is an expensive subject. The use of the SCSI device to indicate authorization implies an undefined interface to this device. Should this WG also consider a specification for informing the SCSI device the system or user authorization. Should such information be considered an aspect of security related to IPS? Doug
Home Last updated: Tue Sep 04 01:05:33 2001 6315 messages in chronological order |