Re: Determining strength of encryption provided by a GSS-API mechanism

To: Nicolas Williams <Nicolas.Williams at sun.com>
Subject: Re: Determining strength of encryption provided by a GSS-API mechanism
From: Alexey Melnikov <alexey.melnikov at isode.com>
Date: Wed, 12 Aug 2009 21:08:53 +0100
Cc: "kitten at ietf.org" <kitten at ietf.org>
Delivered-to: kitten at core3.amsl.com
In-reply-to: <20090812181633.GG10982 at Sun.COM>
List-archive: <http://www.ietf.org/mail-archive/web/kitten>
List-help: <mailto:kitten-request@ietf.org?subject=help>
List-id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-post: <mailto:kitten@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
References: <4A815FC7.8000400 at isode.com> <AF005B3D-73FB-411F-AA8B-783F39E6263E at kth.se> <20090812181633.GG10982 at Sun.COM>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915

Nicolas Williams wrote:

On Tue, Aug 11, 2009 at 11:42:53PM +0200, Love Hörnquist Åstrand wrote:

11 aug 2009 kl. 14:10 skrev Alexey Melnikov:

Is such API already available

no

Though we've discussed designs for APIs that allow applications to
request / determine which strength profiles to use / are in use.

Can you provide a pointer?

and if the answer is no, are people interested in working ondefining it?
sure, I think the definition of SSF is broken, and its not simple tounderstand, racing to yet another higher number seems bad.

Indeed.  SSF is bad, bad, bad.

It's not possible to permanently assign a "strength" number to a
mechanism or "enctype".  Strength is in the eye of the beholder and may
vary with time.  And users shouldn't, and likely don't, care about
numeric strength representations -- they should, and probably do, care
about strength representations in their language, such as "strong",
names of standards (e.g., "fips140-1"), and so on.

IMO only relative strength should matter,

This is how SSF is used, for the most part. But you are right, there isno way to reclassify a cipher as weak using SSF.

and rather than use numbers we
should use names of policies, policies that can be created and
maintained locally or, in the case of policies that correspond to
standards, delivered by vendors and updated as those standards are
updated.

Well, if the WG can provide a way to control and determine which ciphersare supported, this would be great.

No, that's not helpful to you: even if we had such GSS APIs you'd still
have to introduce equivalent SASL APIs and you'd still have to do
something about SSF for backwards compatibility.

Follow-Ups:
- Re: Determining strength of encryption provided by a GSS-API mechanism
  - From: Nicolas Williams

References:
- Determining strength of encryption provided by a GSS-API mechanism
  - From: Alexey Melnikov
- Re: Determining strength of encryption provided by a GSS-API mechanism
  - From: Love Hörnquist Åstrand
- Re: Determining strength of encryption provided by a GSS-API mechanism
  - From: Nicolas Williams

Prev by Date: Re: Determining strength of encryption provided by a GSS-API mechanism
Next by Date: Re: Determining strength of encryption provided by a GSS-API mechanism
Previous by thread: Re: Determining strength of encryption provided by a GSS-API mechanism
Next by thread: Re: Determining strength of encryption provided by a GSS-API mechanism
Index(es):
- Date
- Thread

Re: Determining strength of encryption provided by a GSS-API mechanism

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.