Re: [Isms] open issues

To: "Randy Presuhn" <randy_presuhn at mindspring.com>, <isms at ietf.org>
Subject: Re: [Isms] open issues
From: "Joseph Salowey (jsalowey)" <jsalowey at cisco.com>
Date: Wed, 30 Apr 2008 09:34:10 -0700
Authentication-results: sj-dkim-1; header.From=jsalowey at cisco.com; dkim=pass ( sig from cisco.com/sjdkim1004 verified; );
Delivered-to: ietfarch-isms-archive at core3.amsl.com
Delivered-to: isms at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; l=2824; t=1209573200; x=1210437200; c=relaxed/simple; s=sjdkim1004; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jsalowey at cisco.com; z=From:=20=22Joseph=20Salowey=20(jsalowey)=22=20<jsalowey at ci sco.com> |Subject:=20RE=3A=20[Isms]=20open=20issues |Sender:=20; bh=Q50l7Aa2mP8i4cgtTxl2dFRLTmihXYS92QRp7KNEzvE=; b=eH+m2rlJtjxQZ2NxV275d/+3dQS7UUYTTxHAnsHmpe/iUHz7tVwIu1jjCa R4d4belbXNHYSOHATBvZuqfigNRZU+5Vu858bV21/bZzarCi9V6P30ohtFpZ xtp4UdHk2Z8XwUz7OZDWdJ5SEcxO897bhOkWQ1sFUPU/4Ue0vkbKI=;
In-reply-to: <002d01c8aad5$a91c0180$6801a8c0@oemcomputer>
List-archive: <http://www.ietf.org/pipermail/isms>
List-help: <mailto:isms-request@ietf.org?subject=help>
List-id: Mailing list for the ISMS working group <isms.ietf.org>
List-post: <mailto:isms@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/isms>, <mailto:isms-request@ietf.org?subject=unsubscribe>
References: <20080422210355.GA12678@elstar.local><002401c8a4dc$869f3400$6801a8c0@oemcomputer><20080423064530.GC13183@elstar.local><000d01c8a513$af1af400$6801a8c0@oemcomputer><20080423084701.GE13273@elstar.local><000601c8a56a$e95f1c20$6801a8c0@oemcomputer><000001c8a597$b0349560$011716ac@NEWTON603><000c01c8a59a$c04122e0$6801a8c0@oemcomputer><1696498986EFEC4D9153717DA325CB7271D491@vaebe104.NOE.Nokia.com><010301c8a634$464caf00$6801a8c0@oemcomputer><1696498986EFEC4D9153717DA325CB727BC9D4@vaebe104.NOE.Nokia.com> <002d01c8aad5$a91c0180$6801a8c0@oemcomputer>
Sender: isms-bounces at ietf.org
Thread-index: Aciq3jHsIEG/dufQTmSvMiCy1s7rOQAAPceA
Thread-topic: [Isms] open issues

 

> -----Original Message-----
> From: isms-bounces at ietf.org [mailto:isms-bounces at ietf.org] On 
> Behalf Of Randy Presuhn
> Sent: Wednesday, April 30, 2008 8:20 AM
> To: isms at ietf.org
> Subject: Re: [Isms] open issues
> 
> Hi -
> 
> > From: <Pasi.Eronen at nokia.com>
> > To: <randy_presuhn at mindspring.com>; <isms at ietf.org>
> > Sent: Wednesday, April 30, 2008 1:02 AM
> > Subject: RE: [Isms] open issues
> ...
> > Perhaps we're discovering a limitation that RFC 341x didn't really
> > consider: when you use pairwise secret keys, the key (and its
> > securityName) always identifies (at least implicitly) both 
> ends of the 
> > relationship. In case of public key crypto, that's not the case.
> 
> My recollection was that we consciously used this property in 
> the design of USM.  I don't recall any discussions of whether 
> the property held true for public keys.
> 
[Joe] USM key localization changes this a bit in that the key that is
used depends upon both the security name and Engine ID.  I don't think
that this is explicitly part of the architecture, but it does creep into
to how one deals with the security issues. 

> ...
> > > RFC 3413 section 3.4 specifies that securityName is 
> provided to the 
> > > notification receiver application.
> >
> > Yes.. but it's not clear whether this is always the same 
> securityName 
> > that was provided by the notification originator application 
> > (identifying the receiver, used for access control on the 
> originator 
> > side), or a securityName identifying the originator.
> >
> > For pairwise secret keys, it doesn't matter. For public 
> keys, if it's 
> > important to know the former on the notification receiver side, we 
> > might need to pass it separately from the SSH user name.
> 
> The assumption when the architecture was designed was that 
> the securityName delivered to the notification receiver 
> application would be whatever one was supplied by the 
> notification generator, which would be whatever was used by 
> access control to determine whether the information should be 
> permitted to be delivered to that party.  It's *not* a 
> securityName identifying "the originator" - the only thing in 
> the architecture that comes close to that concept would be 
> the snmpEngineID.
> 
[Joe] When considering authorization for delivering notifications you
want to authorize the identity of the recipient of the notification.  In
USM this corresponds to the one holding the key associated with the
security name that can decrypt the message upon reception. 

> Randy
> 
> _______________________________________________
> Isms mailing list
> Isms at ietf.org
> https://www.ietf.org/mailman/listinfo/isms
> 
_______________________________________________
Isms mailing list
Isms at ietf.org
https://www.ietf.org/mailman/listinfo/isms

Follow-Ups:
- Re: [Isms] open issues
  - From: David Harrington

References:
- Re: [Isms] open issues
  - From: Juergen Schoenwaelder
- Re: [Isms] open issues
  - From: Randy Presuhn
- Re: [Isms] open issues
  - From: Juergen Schoenwaelder
- Re: [Isms] open issues
  - From: Randy Presuhn
- Re: [Isms] open issues
  - From: Juergen Schoenwaelder
- Re: [Isms] open issues
  - From: Randy Presuhn
- Re: [Isms] open issues
  - From: David B. Nelson
- Re: [Isms] open issues
  - From: Randy Presuhn
- Re: [Isms] open issues
  - From: Pasi.Eronen at nokia.com
- Re: [Isms] open issues
  - From: Randy Presuhn
- Re: [Isms] open issues
  - From: Pasi.Eronen
- Re: [Isms] open issues
  - From: Randy Presuhn

Prev by Date: Re: [Isms] open issues
Next by Date: Re: [Isms] open issues
Previous by thread: Re: [Isms] open issues
Next by thread: Re: [Isms] open issues
Index(es):
- Date
- Thread

Re: [Isms] open issues

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.