[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Cfrg] Re: [saag] Algorithm upgrades

To: "Hallam-Baker, Phillip" <pbaker at verisign.com>
Subject: Re: [Cfrg] Re: [saag] Algorithm upgrades
From: James Hughes <James_Hughes at StorageTek.com>
Date: Tue, 2 Nov 2004 02:14:05 -0500
Cc: saag at mit.edu, James Hughes <James_Hughes at StorageTek.com>, cfrg at ietf.org
In-reply-to: <C6DDA43B91BFDA49AA2F1E473732113E010BECF3@mou1wnexm05.vcorp.ad.vrsn.com>
List-help: <mailto:cfrg-request@ietf.org?subject=help>
List-id: Crypto Forum Research Group <cfrg.ietf.org>
List-post: <mailto:cfrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@ietf.org?subject=unsubscribe>
References: <C6DDA43B91BFDA49AA2F1E473732113E010BECF3@mou1wnexm05.vcorp.ad.vrsn.com>
Sender: cfrg-bounces at ietf.org

On Nov 1, 2004, at 8:09 PM, Hallam-Baker, Phillip wrote:

1. _New_ protocols that are being design should include the ability to negotiate algorithms. This is just good hygiene. If this is not formalized, it should be.
I strongly disagree. History has showed that negotiation mechanisms can lead to worse security problems than they are meant to address. The IETF has certainly showed an exceptional ability to overcomplicate them.


Well. We disagree then.

The only history of negotiation failures that I have seen is the GSM vulnerability where they put ECC under weak encryption and then used that same key for high strength, cracked the key, spoofed a base station, mounted a MIM attack and got in. Yes this is a protocol vulnerability with 2 (Doh!) stupid crypto mistakes. Was this caused because there was algorithm flexibility or because of other reasons? I would suggest that this is more about the other mistakes than about the fact that there were protocol vulnerabilities. If you have other examples, I'm all ears.

Keeping a protocol centered on the problem without the siren call of "feature creep" is not easy. It is this creep of "just one more feature cuz its a simple tweak" that, when compounded created a incomprehensible stew of incongruous kludges. If one can keep their eye on the ball, and is managed as a fundamental feature ( not an add on ) along with scalability and reliability, then it -is- possible to have algorithm flexibility.

Half of the IETF protocols are more complicated than the average IETF protocol.

Well, maybe we strongly agree. What we need is an ability to add new algorithms, remove bad algorithms with causing undue complexity to the user.

What we need is a policy layer for the whole application protocol layer stack. It should not be part of the individual protocols, it should be part of the DNS.


This seems like a policy punt. what are you suggesting and why?

Thanks

jim


_______________________________________________
Cfrg mailing list
Cfrg at ietf.org
https://www1.ietf.org/mailman/listinfo/cfrg

References:
- RE: [Cfrg] Re: [saag] Algorithm upgrades
  - From: Hallam-Baker, Phillip

Prev by Date: [Cfrg] Re: universal MACs
Next by Date: RE: [Cfrg] Re: [saag] Algorithm upgrades
Previous by thread: Re: [Cfrg] Re: [saag] Algorithm upgrades
Next by thread: RE: [Cfrg] Re: [saag] Algorithm upgrades
Index(es):
- Date
- Thread