Re: [LinkSec] linksec roadmap
At 02:11 PM 12/10/2002 -0500, Marcus Leech wrote:
>Robert Moskowitz wrote:
> >
> >
> > There might be *ONE* senario that fits this. Norm Finn talked about it at
> > the last Plenary:
> >
> > Consider a real ethernet with 2 bridges. The stations really do not know
> > or care which bridge handles their frames. They have to be authenticated
> > to both.
> >
> > There are probably other senarios like this.
> >
>But that scenario *does not* necessarily imply group-shared keys. It just
>means
> that I need largely-equivalent security associations with each bridge.
If we include encryption, then both bridges need to decrypt the
datagrams. that is where a group key comes in.
but it is a set of small groups. each device with the network access
points on the shared media.
Robert Moskowitz
Senior Technical Director
ICSA Labs
(248) 968-9809
Fax: (248) 968-2824
rgm@trusecure.com
There's no limit to what can be accomplished
if it doesn't matter who gets the credit