ietf-openproxy
[Top] [All Lists]

RE: Unique Shared Secrets (4.4.2) in opes-authorization

2002-10-23 07:18:59

eric,

The intend here is to secure the Hop-by-hop traffic. We can reaxime the
wording and the requirements.

-- This will be added as an action item for the -01 draft.

Abbie



-----Original Message-----
From: Eric Burger [mailto:eburger(_at_)snowshore(_dot_)com] 
Sent: Monday, October 21, 2002 10:35 PM
To: OPES Group
Subject: Unique Shared Secrets (4.4.2) in opes-authorization



Why must the shared secrets be unique for each requestor / 
responder pair? Why do we care?  In fact, such a requirement 
opens a security hole: I can guess someone else's key by 
trying to enter keys until the "system" tells me I can't 
because someone else has that key.

I would drop the bullet.


<Prev in Thread] Current Thread [Next in Thread>