Re: [cicm] CICM Channels and GSS (was Re: IETF Working Group Charter on Common Interface to Cryptographic Modules (CICM))
"Novikov, Lev" <lnovikov@mitre.org> Fri, 24 June 2011 19:09 UTC
Return-Path: <lnovikov@mitre.org>
X-Original-To: cicm@ietfa.amsl.com
Delivered-To: cicm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 533E911E816E for <cicm@ietfa.amsl.com>; Fri, 24 Jun 2011 12:09:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fX4xc92joHCw for <cicm@ietfa.amsl.com>; Fri, 24 Jun 2011 12:09:37 -0700 (PDT)
Received: from smtpksrv1.mitre.org (smtpksrv1.mitre.org [198.49.146.77]) by ietfa.amsl.com (Postfix) with ESMTP id 641B711E8106 for <cicm@ietf.org>; Fri, 24 Jun 2011 12:09:37 -0700 (PDT)
Received: from smtpksrv1.mitre.org (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id E3F2B21B1DA5; Fri, 24 Jun 2011 15:09:36 -0400 (EDT)
Received: from imchub2.MITRE.ORG (imchub2.mitre.org [129.83.29.74]) by smtpksrv1.mitre.org (Postfix) with ESMTP id DCD7B21B0F5D; Fri, 24 Jun 2011 15:09:36 -0400 (EDT)
Received: from IMCMBX3.MITRE.ORG ([129.83.29.206]) by imchub2.MITRE.ORG ([129.83.29.74]) with mapi; Fri, 24 Jun 2011 15:09:36 -0400
From: "Novikov, Lev" <lnovikov@mitre.org>
To: Nico Williams <nico@cryptonector.com>
Date: Fri, 24 Jun 2011 15:08:54 -0400
Thread-Topic: CICM Channels and GSS (was Re: IETF Working Group Charter on Common Interface to Cryptographic Modules (CICM))
Thread-Index: AcwyAsX7ML37X0AjRtifaJYSxfVwIgAeD51g
Message-ID: <F9AB58FA72BAE7449E7723791F6993ED062CD280BC@IMCMBX3.MITRE.ORG>
References: <BANLkTikstTXmqyiuWtZCFwe1JSwKAX2_-A@mail.gmail.com>
In-Reply-To: <BANLkTikstTXmqyiuWtZCFwe1JSwKAX2_-A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Cc: Crypto discussion list <cryptography@randombit.net>, "CICM Discussion List (cicm@ietf.org)" <cicm@ietf.org>
Subject: Re: [cicm] CICM Channels and GSS (was Re: IETF Working Group Charter on Common Interface to Cryptographic Modules (CICM))
X-BeenThere: cicm@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: CICM Discussion List <cicm@ietf.org>
List-Id: CICM Discussion List <cicm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cicm>, <mailto:cicm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/cicm>
List-Post: <mailto:cicm@ietf.org>
List-Help: <mailto:cicm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cicm>, <mailto:cicm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jun 2011 19:09:38 -0000
Nico, On 2011-06-23 20:08, Nico Williams wrote: > Nothing stops you from building an application that has several > sub-channels built on existing technologies. > > I'd be happy with you specifying such a protocol as long as it is on > top of existing secure channel technology, or, as long as you show why > that just won't do (I'm open to that possibility). (I could also end > up on the rough side of consensus, but I'd rather make CICM palatable > to a larger audience.) > > Also, you can structure privilege separation with only one channel. > And you can bind multiple authentications into one channel (for an > example of this see RPCSEC_GSSv3[0]). You'll want to make sure that > you cover why such alternatives are not appropriate. > [...] > GSS wrap tokens cover both, confidentiality (optional) and integrity > protection automatically for you; no need to think about how to do > authenticated encryption. > [...] > Some of the experts you need are in the KITTEN WG. I'm sure KITTEN WG > participants will be happy to talk to you about these issues, or to > put you in contact with other KITTEN WG participants. We have been > *adding* to the GSS-API to make it meet our needs. Surely you might > consider the same approach? > [...] > In this case it seems I have to educate myself as to your needs, > but I'm not sure that you and/or other CICM proponents are really up > to date on the GSS-API. I don't mean that you should be an expert in > the GSS-API before setting out to build something like CICM, but it > would be good to make sure that CICM, or parts of it, are not > predicated on misconceptions about existing APIs. Clearly, I need to make a better effort at being educated about GSS-API. I'll be in touch with the KITTEN folks, per your suggestion. In brief, you'd like to know CICM can't use GSS-API and: * use existing secure channel technologies, * enforce privilege separation in a single channel, * bind multiple authentications into a single channel, * or extend GSS-API to meet (other) high assurance needs? Am I missing anything? Thanks, Lev
- [cicm] CICM Channels and GSS (was Re: IETF Workin… Nico Williams
- Re: [cicm] CICM Channels and GSS (was Re: IETF Wo… Novikov, Lev
- Re: [cicm] CICM Channels and GSS (was Re: IETF Wo… Nico Williams