Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

RE: [LinkSec] perfect forward security

To: <stds-802-linksec@ieee.org>
Subject: RE: [LinkSec] perfect forward security
From: "Peter Boucher" <pboucher@rappore.com>
Date: Tue, 1 Apr 2003 09:22:08 -0700
Sender: owner-stds-802-linksec@majordomo.ieee.org
Thread-Index: AcL1QTT8knkH1thBSS6JW+W0CTXAVwDKREXw
Thread-Topic: [LinkSec] perfect forward security


It seems to me that you want to prevent theft of services (e.g., after
an off-line attack, future subscription videos can be stolen).

Billing ability may also require it to prevent one customer from, after
an off-line attack, being able to rack up charges on another customer's
account.

Peter

-----Original Message-----
From: Russ Housley [mailto:housley@vigilsec.com] 
Sent: Friday, March 28, 2003 8:23 AM
To: stds-802-linksec@ieee.org
Subject: Re: [LinkSec] Teleconf notes 3/25/03


I could not attend the teleconference, but I would like to respond to
this 
question raised in the notes.

>PFS = perfect forward security.  Is it needed?

I think that this is not a requirement.  I do not think that we need the

computational burden.

Is anyone advocating it?

Russ

Prev by Date: [LinkSec] Architecture problems
Next by Date: [LinkSec] Call tomorrow: architecture model
Prev by thread: RE: [LinkSec] We'll need to incorporate the new IETF security bit
Next by thread: [LinkSec] Call tomorrow: architecture model
Index(es):
- Date
- Thread