Vidya,
On Sun, Feb 18, 2007 at 11:20:54PM -0800, Narayanan, Vidya wrote:
(snip)
Going back to your proposed text:
"It is RECOMMENDED that the key transport protocol be able to detect
impersonation. When it is not feasible to guarantee that, every key
handed out from the server to an entity for a given peer MUST be
different from every other key handed out for a given peer."
I think that detection of impersonation is part of the
"Authenticate all parties" *requirement* (not a recommendation).
I don't think it is a "requirement" - and the reason I believe that is
due to the second sentence in that text above. This is what I tried to
explain in much greater detail in my first response to Sam on this
thread. As long as no two keys distributed from the server are the same,
even to the same perceived identity, there is nothing that a lying
entity can do to sessions with other entities. So, as long as a solution
satisfies that criteria, it is not a MUST to detect impersonation. But,
I do agree that it would be much better if the detection was done by the
key transport mechanism - hence, I think "RECOMMENDED" is appropriate :)
I believe this is a requirement. If a particular AAA key management
framework is hard to satisfy this requirement in a particular usage, I
think that the right way to do is to have some text in the
corresponding framework document about the potential vulnerability in
that usage, rather than trying to relax the requirement itself.
Yoshihiro Ohba
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf