[802SEC] Future of Link Security Exec SG
Forwarded for Russ, who is not a subscriber to this list.
-Bob
-----Original Message-----
Date: Tue, 25 Feb 2003 13:05:38 -0500
To: dolors@ieee.org, stds-802-sec@ieee.org, kenneth.alonge@verizon.net
From: Russ Housley <housley@vigilsec.com>
Subject: Future of Link Security Exec SG
Ken said:
>>You raise a good point about the .10 charter currently being limited
to
>>answering questions about our security standards and providing
maintenance,
>>as necessary. My opinion in my e-mail to the Exec is that I believe
that
>>any PAR created by the study group should be placed in .10, which
would have
>>the effect of modifying our charter. While it is true that we are
>>hibernating, the body of security expertise that .10 brought together
to
>>develop our set of standards is still available and some of them will,
>>hopefully, be able to support a new security effort. Like I also
stated, it
>>is a very unfortunate situation that we are in because of funding,
that I'm
>>unable to guarantee our participation. The reality is that we are
stuck
>>between the proverbial "rock and a hard place" in trying to do what we
>>believe is best for 802 security and, at the same time, trying not to
put
>>802 in a bind if it turns out that we can't fully participate. If .10
is
>>able to come out of hibernation and our members are able to support
the new
>>security effort, we would certainly encourage and welcome the
participation
>>of the .1 security engineers, as well as those from other working
groups.
>>There are a lot of "ifs" and I certainly don't want to mislead anyone
about
>>the probability of our continued participation. Right now the funding
>>situation is looking better, but the timing might not permit me to
attend
>>the March plenary. I believe Russ will be there in any event though.
Tony replied:
>Ken, there are way to many "ifs" and "buts" in what you have said here.
>
>The people that are currently interested in driving this work forward
>deserve better than to be told that they will be placed in a working
group
>that might or might not be able to resurrect itself depending on
whether
>or not the funding scene changes, and frankly, it seems to me that
>continuing to propose placement in 802.10 in the absence of any
certainty
>that such a thing is feasible simply serves to muddy the waters. The SG
>perfectly reasonably want to be able to get on with some real work. It
is
>the expressed wish of those people that want to do the work that the SG
>should be placed in 802.1. Similarly, 802.1 has made it clear that the
>activity would be welcome, as would be participation in that activity
by
>all relevant experts, including 802.10 experts, that choose to join in.
>
>Right now, what is under consideration is the placement of the study
>group, not the final destination of any work that the SG might decide
is
>necessary - that is a decision for the SEC once any PAR(s) generated by
>the SG get approved. Maybe if you are able to commit to reincarnating
>802.10 when we come to make decisions on the placement of PARs, then it
>would stand a chance of being given serious consideration.
There is clearly a set of people who believe this problem needs to be
solved -- and the sooner the better. To first order, there are two
aspects
to the problem: frame protection and key management.
To handle the frame encryption, integrity, authentication and access
control, the 802 family of standards includes IEEE Std 802.10b (the
Secure
Data Exchange (SDE)) that is very close to meeting the requirements (at
least the requirements as I understand them from my participation in
some
of the LinkSec teleconferences). Since 802.10b is due for its five year
review this year, it is very straightforward to make the changes to meet
the LinkSec requirements. In my opinion, these changes are ones that
802.10 would be expected to make anyway. The changes are pretty obvious
from the lessons learned from 802.11i CCMP and IPsec developments.
Key management is a very different situation. IEEE Std 802.10c (the Key
Management protocol) is not well aligned with the LinkSec requirements.
In
fact, I think that the key management model is sound, but that the
bit-on-the-wire protocol is obsolete. By obsolete, I do not mean
broken. Rather, 802.10c is to key management as CMIS/CMIP is to network
management. In my opinion, the key management protocol needs to be
reworked. Part of this rework should consider 802.1x. Another part of
this rework needs to address location of peer encryption devices. Mick
Seaman has told me that the probe mechanism in 802.10c does not scale.
If
a better mechanism exists, then it should be adopted,
If you accept this view of the work to be done, then I believe that
802.10
is the natural home, at least for the updating of SDE. I think it would
be
poor program management to separate the frame protection protocol and
the
key management.
Now, back to the people that believe this problem needs to be solved. I
believe that they will contribute to this effort no matter where it ends
up. I think it is important that there is a level playing field for all
of
them. Ken and Tony have both promised to make this happen, so this is
not
a discriminator to drive the placement of the PAR.
Russ