
Re: [saag] draft-stjohns-sipso-05 & transport protocols



At 7:32 AM -0700 10/3/08, Bill Sommerfeld wrote:
On Fri, 2008-10-03 at 06:58 -0700, Joe Touch wrote:

 There appears to be at least one change that might be required by all
 Internet hosts; current behavior upon receipt of an IP packet at a
 security level not supported is to send a TCP RST. This document
 indicates that such hosts MUST silently drop such packets.

In a securely-configured MLS environment, systems not running an MLS
operating system will never receive a packet with an MLS label -- if
they did, that inherently means that an MLS system somewhere is
misconfigured and information is flowing in violation of the MLS policy.

I'm not sure I agree with this statement, Bill. A single-level or dedicated mode host MIGHT receive such packets IF an MLS host is configured to always send labelled packets. Such hosts MIGHT be configured to accept and emit packets with a fixed security level, as part of an overall, local config policy. Such systems, while not MLS, would not be label-unaware. I am familiar with plans that called for such behavior in the RFC 1108 context. Note that a BLACKER E2E crypto unit configured to support a single-level host would behave this way, but since the BLACKER was MLS (even though a host behind it might not be), that example does not exactly fit the description above.

Steve
_______________________________________________
saag mailing list
saag at ietf.org
https://www.ietf.org/mailman/listinfo/saag
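A small model, added here and not taken from the draft or from any of the posters, of the receive-side decision the thread is arguing about: an RFC 1108 Basic Security Option parser plus the three host configurations Steve distinguishes (label-unaware, single-level with a fixed label, MLS with an accreditation range), with the "send RST" versus "silently drop" treatment of an unsupported label as a parameter. The level codes and the authority-flag termination bit follow RFC 1108; the host modes, the RANK ordering and the sample labels are constructed for illustration.

```python
from enum import Enum

IPOPT_SECURITY = 130  # RFC 1108 Basic Security Option type
# RFC 1108 classification-level codes (values chosen for Hamming distance, not order).
RFC1108_LEVELS = {0x3D: "TOP SECRET", 0x5A: "SECRET", 0x96: "CONFIDENTIAL", 0xAB: "UNCLASSIFIED"}
# Assumed dominance order used for the MLS range check (higher = more sensitive).
RANK = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}

class HostMode(Enum):            # hypothetical host configurations from the thread
    LABEL_UNAWARE = "label-unaware"  # ordinary Internet host, no label support
    SINGLE_LEVEL = "single-level"    # dedicated/system-high host with one fixed label
    MLS = "mls"                      # multi-level host with an accreditation range

def parse_bso(option: bytes):
    """Parse an RFC 1108 Basic Security Option from an IP option buffer.
    Returns (level_name, [authority_flag_bytes]) or None if the option is malformed."""
    if len(option) < 3 or option[0] != IPOPT_SECURITY or option[1] != len(option):
        return None
    level = RFC1108_LEVELS.get(option[2])
    if level is None:
        return None
    flags, i = [], 3
    while i < len(option):
        flags.append(option[i] & 0xFE)     # bit 7 (LSB) is the field-termination indicator
        if option[i] & 0x01 == 0:          # FTI clear: this is the last authority byte
            return (level, flags) if i == len(option) - 1 else None  # trailing bytes: bad
        i += 1
    return (level, flags) if not flags else None  # authority bytes present but never terminated

def receive_decision(mode, option, *, fixed_level=None, mls_range=None, unsupported="DROP"):
    """What a receiving host does with a labelled IP packet: ACCEPT, DROP or RST.
    `unsupported` is the host's reaction to a label it cannot accept: "RST" models the
    pre-draft behaviour Joe describes, "DROP" the draft's MUST-silently-drop rule."""
    parsed = parse_bso(option)
    if parsed is None:
        return "DROP"                       # malformed label: never answer it
    level, _authorities = parsed
    if mode is HostMode.LABEL_UNAWARE:
        return unsupported                  # no security level is supported at all
    if mode is HostMode.SINGLE_LEVEL:
        return "ACCEPT" if level == fixed_level else unsupported
    low, high = mls_range                   # inclusive accreditation range
    return "ACCEPT" if RANK[low] <= RANK[level] <= RANK[high] else unsupported

# Constructed sample labels: 0x80 = GENSER authority flag with the FTI bit clear.
SECRET_GENSER = bytes([IPOPT_SECURITY, 4, 0x5A, 0x80])
TOPSECRET_GENSER = bytes([IPOPT_SECURITY, 4, 0x3D, 0x80])

if __name__ == "__main__":
    print(receive_decision(HostMode.SINGLE_LEVEL, SECRET_GENSER, fixed_level="SECRET"))
    print(receive_decision(HostMode.LABEL_UNAWARE, SECRET_GENSER, unsupported="RST"))
```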
