RE: IPSEC MIBs?
Cliff Wang <cxwang@us.ibm.com> Thu, 28 May 1998 13:59 UTC
From: Cliff Wang <cxwang@us.ibm.com>
To: ipsec@tis.com
Cc: rja@inet.org
Subject: RE: IPSEC MIBs?
Message-ID: <5040200015513229000002L092*@MHS>
Date: Thu, 28 May 1998 09:56:07 -0400
If the MIB is just used to monitor the IPsec SA status only but not used to config the policy, would that still weaken IPsec? In other words, the MIB is designed for GET function only, no SET allowed. Of course, some of the running status/statistics of a SA may be exposed by SNMP, but without exposing the keys (keying materials), how big a threat will MIB pose?

Thanks for any insight into this!

cliff

-----Original Message-----
From: Ran Atkinson [SMTP:rja@inet.org]
Sent: Thursday, May 28, 1998 3:11 AM
To: Stephen Waters
Subject: Re: IPSEC MIBs?

Doing a useful MIB for IPsec would tend to reduce the security of an IPsec implementation to the min(IPsec security, SNMP security). The latter (SNMP Security) is generally accepted to be weaker (especially pre-SNMPv3, but even with SNMPv3 in place).

I'd suggest that weakening the security of an implementation of a security protocol is probably not a good global optimisation.

Ran

- IPSEC MIBs? Stephen Waters
- Re: IPSEC MIBs? Robert Moskowitz
- RE: IPSEC MIBs? Stephen Waters
- RE: IPSEC MIBs? Paul Koning
- RE: IPSEC MIBs? Cliff Wang