RE: Security Use Requirements

To: "Michael Eisler" <mre@zambeel.com>
Subject: RE: Security Use Requirements
From: "Douglas Otis" <dotis@sanlight.net>
Date: Wed, 7 Feb 2001 18:53:32 -0800
Cc: <Black_David@emc.com>, <sob@harvard.edu>, <ips@ece.cmu.edu>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;charset="iso-8859-1"
Importance: Normal
In-Reply-To: <Roam.SIMC.2.0.6.981598807.16049.mre@zambeel.com>
Sender: owner-ips@ece.cmu.edu

Michael,

Mandating additional resources to implement privacy would not allow this to
be a customer made trade-off.  Allowing it as product feature option would.

Doug


> > My comment was not a veiled argument for no security but rather an open
> > question.  I would wish to argue for only mandating authentication and
> > integrity and make privacy an option.  If to follow NFS and use
> of GSS-API
> > (http://www.ietf.org/rfc/rfc1961.txt) as mentioned by David
> Robinson, with
> > recommend (Kerberos V5) (http://web.mit.edu/kerberos/www/) and
> Internet size
> > security (Lipkey) (http://www.ietf.org/rfc/rfc2847.txt for
> authentication
> > and integrity where perhaps just the dynamic portion of the PDU
> headers are
> > encrypted as a type of checksum.  Privacy seems like an expensive
> > proposition to make mandatory for the entire data payload.
>
> Why not allow the customer to make the tradeoff between security and
> performance?
>
> 	-mre
>

Follow-Ups:
- RE: Security Use Requirements
  - From: Michael Eisler <mre@zambeel.com>

References:
- RE: Security Use Requirements
  - From: Michael Eisler <mre@zambeel.com>

Prev by Date: RE: Security Use Requirements
Next by Date: RE: Security Use Requirements
Prev by thread: RE: Security Use Requirements
Next by thread: RE: Security Use Requirements
Index(es):
- Date
- Thread

Home

Last updated: Tue Sep 04 01:05:33 2001
6315 messages in chronological order