[Ieprep] Folts' stated requirements: security
Fred Baker <fred@cisco.com> Tue, 02 April 2002 20:12 UTC
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA00961 for <ieprep-archive@odin.ietf.org>; Tue, 2 Apr 2002 15:12:09 -0500 (EST)
Received: from optimus.ietf.org (localhost [127.0.0.1]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id PAA10238; Tue, 2 Apr 2002 15:08:25 -0500 (EST)
Received: from ietf.org (odin [132.151.1.176]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id PAA10204 for <ieprep@ns.ietf.org>; Tue, 2 Apr 2002 15:08:22 -0500 (EST)
Received: from sj-msg-core-2.cisco.com (sj-msg-core-2.cisco.com [171.69.24.11]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA00733 for <ieprep@ietf.org>; Tue, 2 Apr 2002 15:08:20 -0500 (EST)
Received: from FRED-W2K6.cisco.com ([10.25.10.242]) by sj-msg-core-2.cisco.com (8.11.3/8.9.1) with ESMTP id g32K7nb20273; Tue, 2 Apr 2002 12:07:50 -0800 (PST)
Message-Id: <5.1.0.14.2.20020401085848.01d76788@mira-sjcm-4.cisco.com>
X-Sender: fred@mira-sjcm-4.cisco.com
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Tue, 02 Apr 2002 12:07:44 -0800
To: "Folts, Harold" <foltsh@ncs.gov>
From: Fred Baker <fred@cisco.com>
Cc: ieprep@ietf.org
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Subject: [Ieprep] Folts' stated requirements: security
Sender: ieprep-admin@ietf.org
Errors-To: ieprep-admin@ietf.org
X-Mailman-Version: 1.0
Precedence: bulk
List-Id: Internet Emergency Preparedness Working Group <ieprep.ietf.org>
X-BeenThere: ieprep@ietf.org
In http://www.ietf.org/internet-drafts/draft-folts-ieprep-white-paper-00.txt, you state that "A US Government working group recently identified fourteen basic functional requirements for the future ETS." In section 2, you bring up the issue of security: +---------------------------------------------------------------- |b. Secure Networks Networks must have protection against | corruption of, or unauthorized access to, | traffic and control, including expanded | encryption techniques and user | authentication, as appropriate. +---------------------------------------------------------------- I'm not just certain what direction you want to take this. It is understandable in the sense of motherhood and apple pie: "people shouldn't be able to disrupt my communications, especially when I am calling for a fire truck, and people shouldn't be able to simulate calls for fire trucks when there is no need for one." The question we need to ask is "so who needs to implement what, and what problem that we have are you addressing when you prescribe that?" Your generic IP Service Provider, one readily argues, needs to be in control of his routers and switches. To accomplish this, we need good neighbor authentication between routers, and perhaps we need digital signatures on routes in some sense. In context, there has been quite a bit of work; OSPF, IS-IS, and RIPv2 each have built-in neighbor authentication using MD5 hashes. BGP uses RFC 2385 MD5 hashing for the same purpose. OSPF V3 uses IPSEC neighbor authentication, and the same has recently been proposed for BGP as well. On the digital signature side, Sandy Murphy designed RFC 2154, which has not been widely deployed for lack of interest from service providers, and Steve Kent et al have pushed the model in BGP (for example, http://www.net-tech.bbn.com/sbgp/sbgp-index.html). In short, I hear you arguing that people should not be able to compromise routing. Are you stating that there is a problem here which needs to be addressed, or simply observing that security would be a nice attribute to have? When it comes to user services such as AOL and various instant messaging platforms, there is also a requirement for user authentication and authorization to use services. There are also business requirements for same; one doesn't want people to use one's service if they are not going to pay for it. Are you stating that the type of authentication used for business purposes is inadequate for emergency use? Are you stating that you would like to be able to use https or some other "Secure" access technique to get to your IM provider? Are you saying that you want the provider to encrypt IM traffic internally? What problem are you addressing, and what are the details of the requirements relating to the problem? Much email and other access is directly from the user's desktop or laptop computer. Are you asking for security for the end computer? Do you mean that in the sense of the network preventing DOS attacks in some way? Are you asking for encryption and authentication services to be implemented on the laptop? Specifically what problem are you addressing and what types of solutions would meet the requirement? _______________________________________________ Ieprep mailing list Ieprep@ietf.org https://www1.ietf.org/mailman/listinfo/ieprep
- [Ieprep] Folts' stated requirements: security Fred Baker
- [Ieprep] RE: Folts' stated requirements: security Folts, Harold
- [Ieprep] RE: Folts' stated requirements: security Fred Baker
- RE: [Ieprep] RE: Folts' stated requirements: secu… Ian Brown
- RE: [Ieprep] RE: Folts' stated requirements: secu… Fred Baker