RE: Fw: [LinkSec] teleconf notes 4/15/03
Russ, I agree with what you say (ease of protection, no need to replicate)
and had in fact already come to this conclusion from first principles. What
I don't want to get sucked into is all the complications arising from
considering topology/interworking etc. etc. that might get dragged in just
because we can encode the frames a certain way.
Mick
-----Original Message-----
From: owner-stds-802-linksec@majordomo.ieee.org
[mailto:owner-stds-802-linksec@majordomo.ieee.org]On Behalf Of Russ
Housley
Sent: Friday, April 18, 2003 1:44 PM
To: mick_seaman@ieee.org
Cc: stds-802-linksec@ieee.org
Subject: Re: Fw: [LinkSec] teleconf notes 4/15/03
Mick:
>It may be argued that we should accomodate intermediate untrusted bridges
>from the outset, taking such steps as putting the .1Q tag in clear as well
>as protecting it. This is the standard standards approach and that of the
>responsible reasonable engineer. Most of the progress .1 has made in the
>past has been (IMHO) due to the ability to identify such never ending cases
>of distraction and project enlargement and take an axe to them right from
>the start.
I try to be pragmatic too. However, if the .1Q tag needs integrity
protection, it is not difficult, and it is easy to set up as an attribute
of the security association. That is, it does not have to add complexity
where it is not needed.
The cryptographic modes being used in 802.11i allows integrity protection
of arbitrary portions of the header and encryption as well as integrity
protection of the payload. It does not require replication of the
integrity protected header element in the payload. See the following
Internet-Draft if you want more details:
draft-housley-ccm-mode-02.txt. This will be published as an Information
RFC soon.
Russ