Re: [Isms] What granularity of attributes do we need for the securetransport?
Hi -
> From: "Wes Hardaker" <wjhns1 at hardakers.net>
> To: "Randy Presuhn" <randy_presuhn at mindspring.com>
> Cc: <isms at ietf.org>
> Sent: Tuesday, April 08, 2008 10:49 AM
> Subject: Re: [Isms] What granularity of attributes do we need for the securetransport?
...
> In particular, if you're going to outsource the complexity of security
> to another protocol, which is being done by using SSH as a transport,
> you either have to trust that transport to do the right thing or you are
> going to fail to actually outsource much of the complexity in the first
> place. Plus if you strictly require only certain modes of the lower
> transport then when it gets security upgrades (e.g., new algorithms) you
> won't because you too exactly specified requirements of it.
>
> I think if the lower level says it can support authPriv you simply have
> to trust it. Doing anything else adds way too much complexity and layer
> interaction that isn't needed.
...
But it *also* means that the security administrator setting up an organization's
access control policy has to be able to trust that all the "authPrivs" used by
that lower layer within that organization are sufficiently strong for the information
that the access control policy allows to be carried.

If we don't say how that gets configured, then at least we need to make it
known as an operational security consideration.

Randy