Re: FW: IPS-All: Reminder - Security draft last call ends Monday, July 1 at 8am EST

Excerpt of message (sent 1 July 2002) by Black_David@emc.com:
> One more round of lining up the iSCSI and IPS Security drafts.
>
> --David
>
> -----Original Message-----
> From: Julian Satran [mailto:Julian_Satran@il.ibm.com]
> Sent: Sunday, June 30, 2002 7:27 AM
> To: Ofer Biran
> Cc: bernard_aboba@hotmail.com; Black_David@emc.com; Elizabeth Rodriguez
> Subject: Re: IPS-All: Reminder - Security draft last call ends Monday, July 1 at 8am EST
>
> see comments in text - Julo
>
> Ofer Biran
> 06/30/2002 11:43 AM
>
> To: Elizabeth Rodriguez <elizabeth.g.rodriguez@123mail.net>, Black_David@emc.com, bernard_aboba@hotmail.com, Julian Satran/Haifa/IBM@IBMIL
> cc:
> From: Ofer Biran/Haifa/IBM@IBMIL
> Subject: Re: IPS-All: Reminder - Security draft last call ends Monday, July 1 at 8am EST
>
> These comments are from a mandatory statements sync check I made with the iSCSI draft:
>
> ======================
>
> 2.3.1. Transforms
> "When ESP is utilized, per-packet data origin authentication, integrity
> and replay protection MUST be used."
>
> In iSCSI, the replay protection is MUST implement (not MUST use):
> 7.3.1 Data Integrity and Authentication
> "The ESP anti-replay service MUST also be implemented."
>
> (I'm not sure if the security or iSCSI should be changed? I think the
> recent tendency was not to impose IPsec requirements unless they are
> justified by IPS uniqueness compared to other IPsec usage scenarios)
>
> +++ I assume security draft will be fixed +++

Because of the Bellovin attack on encryption-only ESP, I believe that the first of the two statements is the right one. There's a lot of argument that integrity should be mandatory in ESP across the board.
The reason why it currently isn't (at least as far as I understand from Steve Kent) is that integrity in the IPsec layer is superfluous if cryptographic integrity is provided at a higher layer. That case doesn't apply in IPS, so the risk of Bellovin's attack is real. paul
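The two MUSTs under discussion above (per-packet integrity and anti-replay on every ESP SA) expressed as a policy check, plus the per-packet ICV verification that makes an encryption-only SA detectably different from one with integrity. This is an added example, not code from the thread or from any IPS draft; the proposal dictionary layout, the transform names and the sample packet bytes are assumptions.

```python
"""Policy check for ESP SA proposals against the rule quoted in the thread:
ESP MUST use per-packet data origin authentication, integrity and replay protection.
Transform names below are illustrative (assumed), not tied to any IKE implementation."""
import hashlib
import hmac

# Combined-mode transforms carry their own integrity check, so no separate auth is needed.
AEAD_TRANSFORMS = {"aes-gcm", "aes-ccm", "chacha20-poly1305"}


def esp_proposal_violations(proposal: dict) -> list[str]:
    """Return the MUST violations for one ESP SA proposal.

    Assumed layout: {"enc": <transform>, "auth": <transform>, "replay_window": <int>}.
    """
    problems = []
    enc = proposal.get("enc", "null")
    auth = proposal.get("auth", "null")
    if enc not in AEAD_TRANSFORMS and auth == "null":
        problems.append("encryption-only ESP: no data origin authentication/integrity")
    if proposal.get("replay_window", 0) <= 0:
        problems.append("anti-replay disabled (window size 0)")
    if enc == "null" and auth == "null":
        problems.append("null encryption with null authentication provides no protection")
    return problems


def icv_verify(key: bytes, authenticated_part: bytes, icv: bytes) -> bool:
    """Per-packet check: recompute the ICV over the authenticated part of the ESP packet
    (SPI, sequence number, encrypted payload and trailer) and compare in constant time.
    HMAC-SHA-256 truncated to 128 bits, as ESP does for HMAC-SHA-256-128."""
    expected = hmac.new(key, authenticated_part, hashlib.sha256).digest()[:16]
    return hmac.compare_digest(expected, icv)


def demo() -> tuple[bool, bool]:
    """Constructed packet: intact packet verifies, a packet with one flipped bit does not."""
    key = b"\x11" * 32                                        # constructed sample key
    packet = bytes.fromhex("00000100" "00000001") + b"\xaa" * 16  # SPI, seq, ciphertext (constructed)
    icv = hmac.new(key, packet, hashlib.sha256).digest()[:16]
    tampered = bytearray(packet)
    tampered[10] ^= 0x01                                      # one bit changed in the ciphertext
    return icv_verify(key, packet, icv), icv_verify(key, bytes(tampered), icv)


if __name__ == "__main__":
    print(esp_proposal_violations({"enc": "aes-cbc", "auth": "null", "replay_window": 64}))
    print(esp_proposal_violations({"enc": "aes-cbc", "auth": "hmac-sha256-128", "replay_window": 64}))
    print(demo())
```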