Re: [IPSECKEY] Security Considerations (pass 2)
Michael Richardson <mcr@sandelman.ottawa.on.ca> Thu, 05 June 2003 00:34 UTC
Received: from noxmail.sandelman.ottawa.on.ca (cyphermail.sandelman.ottawa.on.ca [192.139.46.78]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA19546 for <ipseckey-archive@lists.ietf.org>; Wed, 4 Jun 2003 20:34:25 -0400 (EDT)
Received: from lox.sandelman.ottawa.on.ca (IDENT:root@lox.sandelman.ottawa.on.ca [192.139.46.2]) by noxmail.sandelman.ottawa.on.ca (8.11.6p2/8.11.6) with ESMTP id h550VAH22324 (using TLSv1/SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168 bits) verified NO); Wed, 4 Jun 2003 20:31:12 -0400 (EDT)
Received: (from majordom@localhost) by lox.sandelman.ottawa.on.ca (8.11.6/8.11.6) id h550W3F23011 for ipseckey-outgoing; Wed, 4 Jun 2003 20:32:03 -0400 (EDT)
Received: from noxmail.sandelman.ottawa.on.ca (nox.sandelman.ottawa.on.ca [192.139.46.6]) by lox.sandelman.ottawa.on.ca (8.11.6/8.11.6) with ESMTP id h550W1m23004 for <ipseckey@pophost.sandelman.ottawa.on.ca>; Wed, 4 Jun 2003 20:32:01 -0400 (EDT)
Received: from sandelman.ottawa.on.ca ([2002:c08b:2e42::1]) by noxmail.sandelman.ottawa.on.ca (8.11.6p2/8.11.6) with ESMTP id h550UQd22292 (using TLSv1/SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168 bits) verified OK) for <ipseckey@sandelman.ca>; Wed, 4 Jun 2003 20:30:36 -0400 (EDT)
Received: from marajade.sandelman.ottawa.on.ca (mcr@localhost) by sandelman.ottawa.on.ca (8.12.3/8.12.3/Debian -4) with ESMTP id h540iZQo022944 for <ipseckey@sandelman.ca>; Tue, 3 Jun 2003 20:44:35 -0400
Message-Id: <200306040044.h540iZQo022944@sandelman.ottawa.on.ca>
To: ipseckey@sandelman.ca
Subject: Re: [IPSECKEY] Security Considerations (pass 2)
In-reply-to: Your message of "Fri, 23 May 2003 12:38:27 +0200." <20030523103827.GB2037@ivan.int-evry.fr>
Mime-Version: 1.0 (generated by tm-edit 1.8)
Content-Type: text/plain; charset="US-ASCII"
Date: Tue, 03 Jun 2003 20:44:34 -0400
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
Sender: owner-ipseckey@sandelman.ottawa.on.ca
Precedence: bulk
X-List: ipseckey@sandelman.ottawa.on.ca
-----BEGIN PGP SIGNED MESSAGE----- {I think that this is a dead horse, but I didn't get all the emails in this thread sorted right...} >>>>> "JJ" == Jean-Jacques Puig <Jean-Jacques.Puig@int-evry.fr> writes: JJ> Question: what do you mean by: "In cases where the end-to-end integrity JJ> of the IPSECKEY RR is suspect" ? JJ> Do you mean: JJ> a) Implementation detected (how ?) or expects with a JJ> reasonnable probability that an active attack is JJ> under way. Then I JJ> agree the end client MUST restrict the use of the JJ> record. JJ> or: JJ> b) When there is no end-to-end integrity, (or when a JJ> gateway cannot JJ> know surely about that), the end client MUST restrict JJ> the use of JJ> the record. I mean (b). I don't know when one can determine (a) without DNSSEC, and if you have DNSSEC, well... So, if my gateway knows that it is loading good data for some zone, because, for instance, it *is* the DNS server for that zone, then it might be more lax. JJ> I'm really sorry to mess around with these problems of MAY/SHOULD/MUST, JJ> but I fear current statements let opened too many questions or may lead JJ> to restrict too much. Your text is reasonable. Am I to figure out how to integrate your text, or would you like to provide a straight diff where you feel it fits in? ] ON HUMILITY: to err is human. To moo, bovine. | firewalls [ ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[ ] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[ ] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Finger me for keys iQCVAwUBPt1A8IqHRg3pndX9AQF2LgQAzdh2a4pzgt2blhUOjOR2RXHXyrdacIux tD+DUntD+kTwHznT4V4eCrz0bITE8y7/AWnuqjlXssnf8HtIA0aXs9bBA7Syjdpj RcX2yIUGY7GybbmSXAr+J7aQdr1SXz9CyF+z2KTKjti/MSGfwVypTg6Vmyl/Ji6r tU3NQigsMwA= =GEjk -----END PGP SIGNATURE----- - This is the IPSECKEY@sandelman.ca list. Email to ipseckey-request@sandelman.ca to be removed.
- Re: [IPSECKEY] Security Considerations (pass 2) Michael Richardson