RE: Security Use Requirements

To: Douglas Otis <dotis@sanlight.net>
Subject: RE: Security Use Requirements
From: Michael Eisler <mre@zambeel.com>
Date: Wed, 7 Feb 2001 18:20:07 -0800 (PST)
Cc: Black_David@emc.com, sob@harvard.edu, ips@ece.cmu.edu
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
In-Reply-To: "Your message with ID" <NEBBJGDMMLHHCIKHGBEJIELECEAA.dotis@sanlight.net>
Reply-To: Michael Eisler <mre@zambeel.com>
Sender: owner-ips@ece.cmu.edu


> My comment was not a veiled argument for no security but rather an open
> question.  I would wish to argue for only mandating authentication and
> integrity and make privacy an option.  If to follow NFS and use of GSS-API
> (http://www.ietf.org/rfc/rfc1961.txt) as mentioned by David Robinson, with
> recommend (Kerberos V5) (http://web.mit.edu/kerberos/www/) and Internet size
> security (Lipkey) (http://www.ietf.org/rfc/rfc2847.txt for authentication
> and integrity where perhaps just the dynamic portion of the PDU headers are
> encrypted as a type of checksum.  Privacy seems like an expensive
> proposition to make mandatory for the entire data payload.

Why not allow the customer to make the tradeoff between security and
performance?

	-mre

Follow-Ups:
- RE: Security Use Requirements
  - From: "Douglas Otis" <dotis@sanlight.net>

References:
- RE: Security Use Requirements
  - From: "Douglas Otis" <dotis@sanlight.net>

Prev by Date: RE: Security Use Requirements
Next by Date: RE: Security Use Requirements
Prev by thread: RE: Security Use Requirements
Next by thread: RE: Security Use Requirements
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:05:33 2001
6315 messages in chronological order