Re: An RFC from the IAB
"Jeffrey I. Schiller" <jis@mit.edu> Fri, 22 March 1996 20:29 UTC
Received: from ietf.cnri.reston.va.us by IETF.CNRI.Reston.VA.US id aa25537; 22 Mar 96 15:29 EST
Received: from CNRI.Reston.VA.US by IETF.CNRI.Reston.VA.US id aa25533; 22 Mar 96 15:29 EST
Received: from ietf.cnri.reston.va.us by CNRI.Reston.VA.US id aa06817; 22 Mar 96 15:29 EST
Received: from ietf.cnri.reston.va.us by IETF.CNRI.Reston.VA.US id aa25523; 22 Mar 96 15:29 EST
Received: from CNRI.Reston.VA.US by IETF.CNRI.Reston.VA.US id aa25518; 22 Mar 96 15:29 EST
Received: from BOZO.MIT.EDU by CNRI.Reston.VA.US id aa06807; 22 Mar 96 15:29 EST
Received: by bozo.MIT.EDU id AA17667; Fri, 22 Mar 96 15:26:48 -0500
X-Orig-Sender: iesg-request@IETF.CNRI.Reston.VA.US
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: "Jeffrey I. Schiller" <jis@mit.edu>
Message-Id: <9603221526.ZM17665@bozo.MIT.EDU>
Date: Fri, 22 Mar 1996 15:26:47 -0500
In-Reply-To: Brian Carpenter CERN-CN <brian@dxcoms.cern.ch> "An RFC from the IAB" (Mar 22, 11:00am)
References: <9603221000.AA27316@dxcoms.cern.ch>
X-Mailer: Z-Mail (3.1.0 22feb94 MediaMail)
To: Brian Carpenter CERN-CN <brian@dxcoms.cern.ch>, rfc-editor@isi.edu
Subject: Re: An RFC from the IAB
Cc: iab@isi.edu, iesg <iesg@CNRI.Reston.VA.US>
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0
On Mar 22, 11:00am, Brian Carpenter CERN-CN wrote: > Subject: An RFC from the IAB > Jon and Joyce, > ... > I haven't posted the -02 version, but of course I will do > that if requested. I never did see the -01 version, too much cruft going by on the IETF list I guess. In any event: > 6. Related to Confidentiality and Authentication > > 6.1 All designs must fit into the IP security architecture. Do we really have one of these? We have an IPSEC architecture. The PSRG has been working (on and off) on an Internet Security Architecture which has turned into an opus maximus. How about changing this to a reference to the Security Principals document published a few years ago. > 6.2 Confidentiality and authentication are the responsibility of end > users and must be implemented in the protocols used by the end users. > Endpoints should not depend on the confidentiality or integrity of > the carriers, and in particular, it is not the responsibility of the > carriers to ensure confidentiality. Carriers may choose to provide > some level of protection, but this is secondary to the primary > responsibility of the end users to protect themselves. Yes... but this reads too much to me as a license for ISPs to listen in. I would prefer a preface along the lines of: "6.2 Providers of Internet services are expected to respect the confidentiality of information that they carry. However the ultimate responsibility of ensuring confidentiality and authentication belongs to end users. Endpoints should not depend..." > 6.3 Wherever a cryptographic algorithm is called for in a protocol, > the protocol should be designed to permit alternative algorithms to > be used and the specific algorithm employed in a particular > implementation should be explicitly labeled. Official labels for > algorithms are to be recorded by the IANA. > > (It can be argued that this principle could be generalised beyond the > security area.) > > 6.4 In choosing algorithms, the algorithm should be one which is > widely regarded as strong enough to serve the purpose. Among > alternatives all of which are strong enough, preference should be > given to algorithms which have stood the test of time and which are > not unnecessarily inefficient. Do we want to say something about mandatory to implement algorithms in order to ensure interoperability? IPSEC's ESP transform mandates DES (but other algorithms choices can be used) so that two endpoints will always be able to at least negotiate the use of DES if they have no other algorithms in common. How about in addition: "6.5 To ensure interoperation between endpoints making use of security services, one algorithm (or suite of algorithms) should be mandated to ensure the ability to negotiate a secure context between implementations. Without this implementations might otherwise not have an algorithm in common and not be able to communicate securely. In choosing an algorithm for consideration as the mandatory to implement algorithm (or suite) protocol designers should consider the required strength and performance characteristics for the application. Political considerations such as export control law conformance should play only a secondary role if any in this decision process" [OK, so its a bold statement. Sometimes boldness is called for!] -Jeff
- An RFC from the IAB Brian Carpenter CERN-CN
- Re: An RFC from the IAB Jeffrey I. Schiller
- Re: An RFC from the IAB Steve Bellovin
- Re: An RFC from the IAB Robert Elz
- Re: An RFC from the IAB Robert Elz
- Re: An RFC from the IAB Brian Carpenter CERN-CN
- Re: An RFC from the IAB rfc-ed