
RE: [LinkSec] Work in progress on a Security Architecture (one persons view)




Bob,

With the devil being in the details here even more than usual (if that's
possible), I appreciate the solution-oriented forward look.

1) The point was made in Hawaii that the original Needham-Schroeder was
vulnerable to the use of old compromised keys, but Kerberos requires a time
service which itself can be compromised. Are you actually thinking of using
Kerberos and postulating a secured time service (difficult in this context),
or are you thinking of the Otway-Rees improvement to N-S?

2) Although it may offend top-down purists, solutions that have most of
their pieces already in place tend to win out. One of the most difficult
things to magic up a new version of is an Authentication Server (I guess a
good reason for using Kerberos with the time issue painstakingly fixed). I
guess anything that doesn't look like real Kerberos to the AS may fail this
test.

Mick



> -----Original Message-----
> From: owner-stds-802-linksec@majordomo.ieee.org
> [mailto:owner-stds-802-linksec@majordomo.ieee.org]On Behalf Of Robert
> Moskowitz
> Sent: Tuesday, December 10, 2002 10:52 AM
> To: Marcus Leech; mick_seaman@ieee.org
> Cc: stds-802-linksec@ieee.org
> Subject: Re: [LinkSec] Work in progress on a Security Architecture (one
> persons view)
>
>
>
> At 01:16 PM 12/10/2002 -0500, Marcus Leech wrote:
>
> >Not to trash Bob Moskowitz, but I think that when he did his presentation on
> >   "A Needham-Schroeder Method" at the CFI in Hawaii, he was trying to hide
> >   Kerberos in behind his talk.  802.10 Key Management looks like it already
> >   has Kerberos in mind when it talks about KDCs.  I think it's important not
> >   to get too far into a particular *solution* until we understand what the
> >   problem is.
> >
> >It's important not to get too cozy with particular solutions at this stage
> >   of the development.
>
> Rather, what I was looking at was managing authentication state within a
> dynamic network.  AAA talks about this and presents both models: where
> state is maintained in the network or in the end device.  For a number of
> reasons I prefer the model of state in the end device, and
> Needham-Schroeder presents this well.  Probably too well.
>
> I am working on a more architectural, less solution presentation.
>
>
>
> Robert Moskowitz
> Senior Technical Director
> ICSA Labs
> 	(248) 968-9809
> Fax:	(248) 968-2824
> rgm@trusecure.com
>
> There's no limit to what can be accomplished
> if it doesn't matter who gets the credit
>
>
>
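Mick's first question above turns on two freshness checks: the original Needham-Schroeder responder has no way to tell an old ticket from a new one, and the Kerberos fix only works as well as the responder's clock. The following is an added illustration written for this archive page, not code from either poster or from any 802 draft; the `seal`/`unseal` pair is a toy HMAC-based stand-in for `{...}K` (integrity only), and the key, timestamps and session key are constructed values.

```python
import hashlib
import hmac
import json

# Toy model of {payload}K, used only to exercise the freshness logic: the
# serialized payload plus an HMAC tag under K.  It gives integrity, not
# secrecy, which is all the acceptance checks below depend on.
def seal(key: bytes, payload: dict) -> bytes:
    body = json.dumps(payload, sort_keys=True).encode()
    return body + b"|" + hmac.new(key, body, hashlib.sha256).hexdigest().encode()

def unseal(key: bytes, blob: bytes) -> dict:
    body, _, tag = blob.rpartition(b"|")
    expect = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(expect, tag):
        raise ValueError("ticket not sealed under this key")
    return json.loads(body)

def ns_accept(k_b: bytes, ticket: bytes) -> bool:
    """Original Needham-Schroeder message 3: B accepts {K_ab, A}K_b whenever
    it opens correctly; nothing in it tells B how old the ticket is."""
    t = unseal(k_b, ticket)
    return set(t) >= {"kab", "peer"}

def kerberos_accept(k_b: bytes, ticket: bytes, b_clock: int, skew: int = 300) -> bool:
    """Kerberos-style: the KDC stamps issue time and lifetime into the ticket
    and B compares them against its own clock (with an allowed skew)."""
    t = unseal(k_b, ticket)
    return t["issued"] - skew <= b_clock <= t["issued"] + t["lifetime"] + skew

# Constructed scenario: the KDC issues A a ticket for B at T0; the session
# key K_ab later leaks and the old ticket is presented to B a day later.
K_B = b"constructed-long-term-key-of-B"
T0 = 1_039_500_000            # constructed issue time, seconds since the epoch
TICKET = seal(K_B, {"kab": "0123abcd", "peer": "A", "issued": T0, "lifetime": 28800})
REPLAY_TIME = T0 + 86400

def replay_outcomes() -> dict:
    return {
        "ns_accepts_old_ticket": ns_accept(K_B, TICKET),
        "kerberos_with_correct_clock": kerberos_accept(K_B, TICKET, REPLAY_TIME),
        # Mick's caveat: if B's time source has been pushed back near T0,
        # the lifetime check passes and the old ticket is accepted anyway.
        "kerberos_with_clock_rolled_back": kerberos_accept(K_B, TICKET, T0 + 60),
    }

if __name__ == "__main__":
    for name, ok in replay_outcomes().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

The third outcome is the point of the question: a timestamp check moves the trust from "no old key was ever compromised" to "B's clock has not been tampered with", which is why a secured time service is a precondition for the Kerberos approach.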