[Rmt] Comments on TESLA source authentication in the ALC and NORM protocols: draft-faurite-rmt-tesla-for-alc-norm-00.txt
"Michael Luby" <luby@digitalfountain.com> Tue, 26 July 2005 21:42 UTC
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DxXC1-0005At-Bj; Tue, 26 Jul 2005 17:42:29 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DxXC0-0005Ao-Ih for rmt@megatron.ietf.org; Tue, 26 Jul 2005 17:42:28 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA26401 for <rmt@ietf.org>; Tue, 26 Jul 2005 17:42:25 -0400 (EDT)
Received: from 67.110.226.239.ptr.us.xo.net ([67.110.226.239] helo=mx.webfountain.com) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1DxXh7-0003F2-GV for rmt@ietf.org; Tue, 26 Jul 2005 18:14:38 -0400
Received: (qmail 2119 invoked from network); 26 Jul 2005 21:42:02 -0000
Received: from mail.intranet (HELO mail) (10.1.1.37) by 67.110.226.239.ptr.us.xo.net with SMTP; 26 Jul 2005 21:42:02 -0000
Received: by mail (8.12.1/8.12.1/Debian -5) with SMTP id j6QLpmsB027114; Tue, 26 Jul 2005 14:51:48 -0700
From: Michael Luby <luby@digitalfountain.com>
To: "Rmt@ietf. org" <rmt@ietf.org>, msec@securemulticast.org
Date: Tue, 26 Jul 2005 14:41:38 -0700
Message-ID: <MLEAJLFPEBEIKPLNBLGIGEKPFFAA.luby@digitalfountain.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
Importance: Normal
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 0a7aa2e6e558383d84476dc338324fab
Content-Transfer-Encoding: quoted-printable
X-MIME-Autoconverted: from 8bit to quoted-printable by ietf.org id RAA26401
Cc: Michael Luby <luby@digitalfountain.com>
Subject: [Rmt] Comments on TESLA source authentication in the ALC and NORM protocols: draft-faurite-rmt-tesla-for-alc-norm-00.txt
X-BeenThere: rmt@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Reliable Multicast Transport <rmt.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/rmt>, <mailto:rmt-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:rmt@ietf.org>
List-Help: <mailto:rmt-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/rmt>, <mailto:rmt-request@ietf.org?subject=subscribe>
Sender: rmt-bounces@ietf.org
Errors-To: rmt-bounces@ietf.org
Comments on TESLA source authentication in the ALC and NORM protocols: draft-faurite-rmt-tesla-for-alc-norm-00.txt First off, I think that this is a very good thing to try and standardize, as TESLA is ideally suited to provide authentication and packet integrity protection to ALC and NORM. Unfortunately, I have a lot of questions and issues with the draft, and some are basic questions about where this work should be done. What I was expecting is a document that describes how to apply TESLA and related security features that have been developed in MSEC that have been developed in the spirit of a building block to ALC and NORM, where all the security issues have been addressed in the TESLA work and it is simply cut and paste to put that into the ALC and NORM context. What I see instead is a document that describes a lot of protocol work that has security aspects to it that seems more suitable for MSEC. Im not sure why this is, perhaps because the TESLA specification does not lend itself to being used as a building block directly, and perhaps because some of the other security protocols have not been addressed by MSEC. It would be good though if the basic security work were done in MSEC, and only applications of that work that have no potential to introduce weaknesses in security were described in the RMT work that describes how these protocols are applied to ALC and NORM. I have been informed that this is the approach taken with SRTP, i.e., the work to apply TESLA to SRTP is being done within MSEC, and not AVT. As an example, Section 2 describes protocols for time synchronization between the sender and receivers. Since the security of TESLA entirely relies on time synchronization, the security of this protocol is of crucial importance. Furthermore, it seems that time synchronization would be a basic primitive of any protocol that uses TESLA. Thus, it seems like the time synchronization protocols should be work done within the MSEC group that can then be leveraged for application work done in RMT, and it seems inappropriate for this work to be done in RMT since the security protocol experts arent there. Section 3 on setting TESLA parameters seems to be the type of thing that one would expect in this draft. However, even in this section, there is very little reference and tie-in with the TESLA RFC, and thus it would be good to tighten this section up and refer to the appropriate sections and definitions used in TESLA in this section and use the protocols that have been standardized in TESLA. A related comment is that it should be said somewhere in this draft incorporates the TESLA RFC and inherits all of the terminology of the TESLA RFC. The bulk of Section 3 defines the format of bootstrap information signature fields and authentication tags, and many related parameters. It seems like this format and information should all be defined in the TESLA RFC, or if not in a related RFC within MSEC. If this is all new to this draft and not described in the TESLA RFC then this seems like a lot of new formatting/information to be adding beyond TESLA, and I would feel a lot more comfortable if this work were done in MSEC. There are a number of other technical comments that could be made, but I think the high level issue of how to split the work between MSEC and RMT should be solved before addressing lower level technical issues. Regards, Michael Luby _______________________________________________ Rmt mailing list Rmt@ietf.org https://www1.ietf.org/mailman/listinfo/rmt
- [Rmt] Comments on TESLA source authentication in … Michael Luby
- Re: [Rmt] Comments on TESLA source authentication… faurite
- Re: [MSEC] Re: [Rmt] Comments on TESLA source aut… George Gross
- Re: [MSEC] Re: [Rmt] Comments on TESLA source aut… canetti
- RE: [MSEC] Re: [Rmt] Comments on TESLA source aut… Michael Luby
- RE: [MSEC] Re: [Rmt] Comments on TESLA source aut… canetti
- Re: [MSEC] Re: [Rmt] Comments on TESLA source aut… canetti
- RE: [MSEC] Re: [Rmt] Comments on TESLA source aut… George Gross
- RE: [MSEC] Re: [Rmt] Comments on TESLA source aut… canetti
- RE: [MSEC] Re: [Rmt] Comments on TESLA source aut… Michael Luby
- RE: [MSEC] Re: [Rmt] Comments on TESLA source aut… canetti