[Cfrg] draft-irtf-cfrg-advice-00.txt and related work



Catherine,

I wanted to close the loop on a couple of comments on your draft and some
related documents.

Your draft rightly recommends that protocol authors describe the security
properties that their protocols provide.  In order to do this, we need a
consistent terminology.
RFC 2828, the "Internet Security Glossary", could be invaluable in this regard.
It is extensive and precise.  Of course, it's not exhaustive (for example, the
secure rtp authors found that they needed to define their own terms rather than
rely on it).  It would be nice if we could reference glossaries that covered
other specialized areas such as the cryptographic literature, that of group
security, IP DoS and so on.

Another potential resource is Rescorla and Korver's "Guidelines for Writing RFC
Text on Security Considerations", draft-iab-sec-cons-03.txt.  This is a draft
and not an RFC, but it contains a lot of useful descriptions.

IMO, it would also be interesting for your draft to cover not only how to
describe protocols so that they can be analyzed, but also to describe protocol
constructs that are amenable to analysis.  All other things equal, we want to
avoid constructs that complicate a security model to the point that it can't be
proven secure.  If there are such pitfalls, it would be great to have a
description of them.

On a related topic, I'd also be interested to see a list of abstract protocols
that have been proven to be secure, that concrete protocol designers could use
straightforwardly.  There have been a lot of interesting flaws found in real
protocols via formal analysis, and I'm sure that many protocol designers would
appreciate a map that showed the known shortcuts around the landmines.  Of
course I realize that's a big topic that goes well beyond the scope of your
draft, but I feel justified in my role as CFRG chair of encouraging the
dissemination of useful results :-)  Perhaps we can find someone interested in
writing such a draft.

David

_______________________________________________
Cfrg mailing list
Cfrg@ietf.org
https://www1.ietf.org/mailman/listinfo/cfrg