Re: RHijacked Addresses



on 8/4/2002 1:49 PM Jacob Palme wrote:

It is very surprising and disappointing that application
layer security standards are not successful.

I am not a security expert and do not understand why.


Lack of transparency. If it is more effort (measurable in multiple
dimensions) to make something secure, a large number of people simply
won't do it. Stuff has to be designed and deployed as secure in the
default for everybody to use it. Since SMTP (as a topical example) wasn't
designed with this objective in mind -- and since making it secure
requires significant amounts of external effort in terms of getting a
cert, configuring the product, integrating accounts, and so forth -- it is
unlikely to ever be used in the secure form by all of the people all of
the time.

Secondarily -- but no less important -- there isn't an effective
infrastructure for building these kinds of services upon. One of my
not-so-hidden agenda motives for the LDAP-WHOIS work is to facilitate the
deployment of an Internet directory instrastructure that provides public
hooks into administrative resource domains, and this is achieved by
providing standardized schema, naming, filters, delegation paths, and so
forth, and doing so for every unique administrative resource on the
Internet. Of course, the directory will have to become the primary point
of focus at some point, or else the directory itself is just additional
baggage and therefore represents additional cost to the operators. But if
the directory becomes the default base, then the layered services can
inherit the attributes and features offered with no additional costs.

Paul's point about trust is also on target. I'm not sure that can be
solved in the default condition, however. No service that *requires*
security can rightfully make use of implicit trust defined by external
parties, ever. But if that's true, then having to manage all trust
relationships will also mean that security is an ongoing cost item, and
therefore will never be ubiquitous. Hard problem, that.

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/

<Prev in Thread]	Current Thread	[Next in Thread>
RE: RHijacked Addresses, (continued) RE: RHijacked Addresses, Jacob Palme Re: RHijacked Addresses, Keith Moore Re: RHijacked Addresses, Marc Mutz Re: RHijacked Addresses, Paul Hoffman / IMC Re: RHijacked Addresses, Marc Mutz Re: RHijacked Addresses, Paul Hoffman / IMC Re: RHijacked Addresses, Marc Mutz Re: RHijacked Addresses, Ken Hirsch Re: RHijacked Addresses, Paul Hoffman / IMC Re: RHijacked Addresses, Charles Lindsey Re: RHijacked Addresses, Eric A. Hall <= Re: RHijacked Addresses, Keith Moore Re: RHijacked Addresses, Gary Feldman Re: RHijacked Addresses, Jacob Palme RE: RHijacked Addresses, Nick Shelness RE: RHijacked Addresses, ned+ietf-822 Re: RHijacked Addresses, Marc Mutz Re: RHijacked Addresses, Keith Moore Re: RHijacked Addresses, Nick Shelness Re: RHijacked Addresses, Nick Shelness Re: RHijacked Addresses, Keith Moore