RE: experiments in the ietf week

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Title: Re: experiments in the ietf week
These claims are meaningless to me. Transport and network layer security have distinct objectives and purposes. They are not replacements or interchangeable in any sense.
 
If you beleive that there is an attack that SSL is vulnerable to you should bring it up in TLS.
 
 
In general the higher up you climb in the stack, the better the security you can offer. In order to provide application layer security in a correctly layered network model you have to apply security at a layer that the application talks to, that means either the messaging (S/MIME/PGP/S-HTTP/SHEN) or the transport layer (SSL, DNS). SSL provides confidentiality, integrity and authentication. If you want useful non-repudiation you need to move up to the message layer.
 
The advantage of going lower in the stack is to gain greater generality. IPSec allows every communication to be protected with a basic level of security in a manner that is transparent to the applications. As such it allows certain aspects of confidentiality and integrity to be supported but cannot inform application logic.
 
Security today is all about layered security. Ideally an email transaction would have at least three layers of security:
 
1) IPSec
 
2) TLS (between SUBMIT client to server, STP server to server, POP3/IMAP server to client)
 
3a) DKIM + S/MIME/PGP
   Each message should be DKIM signed as a matter of course
   If the recipient advertises an acceptable encryption key and protocol this should be used to encrypt the message
 
3b) DRM attachments
   If a message has attachments (e.g. Word, HTML Archive, etc) these should be subject to lifecycle-long data level protection.
 
 
The most critical layer here is layer 3b which is unfortunately the one we do not have today. At the moment 2014 is the earliest I can see there being the hope of an unencumbered data level security specification.
 
I do not see any value in 'turning off' upper layer security enhancements as an experiment.
 
From: ietf-bounces@xxxxxxxx on behalf of Iljitsch van Beijnum
Sent: Mon 24/03/2008 10:17 AM
To: Eric Rescorla
Cc: Mark Andrews; Jari Arkko; IETF Discussion; Kurt Erik Lindqvist
Subject: Re: experiments in the ietf week

On 19 mrt 2008, at 1:46, Eric Rescorla wrote:

>> A more interesting experiment would be to do away with SSL for a bit
>> and use IPsec instead.

> Why would this be either interesting or desirable?

SSL is vulnerable to more attacks than IPsec and IPsec is more general 
than SSL. As such it would be good if we could have IPsec deployment 
similar to SSL deployment, similar to how it would be good to have 
IPv6 rather than IPv4 deployment, so a similar experiment could be 
useful in showing what if any the reasons are we're still stuck with 
the inferior SSL/TLS technology.
_______________________________________________
IETF mailing list
IETF@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf

_______________________________________________
IETF mailing list
IETF@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]