On Tue, May 06, 2008 at 03:40:46PM +0000, Steven M. Bellovin wrote:
> Experiment part two: implement remote login (or remote IMAP, or remote
> Web with per-user privileges, etc.) under similar conditions. Recall
> that being able to do this was a goal of the IPsec working group.
>
> I think that part one is doable, though possibly the existing APIs are
> incomplete. I don't think that part two is doable, and certainly not
> with high assurance. In particular, with TLS the session key can be
> negotiated between two user contexts; with IPsec/IKE, it's negotiated
> between a user and a system. (Yes, I'm oversimplifying here.)

"Connection latching" and "connection-oriented" IPsec APIs can address this problem.

Solaris, and at least one other IPsec implementation (OpenSwan? I forget) makes sure that all packets for any one TCP connection (or UDP "connection") are protected (or bypassed) the same way during their lifetime. "The same way" -> by similar SAs, that is, SAs with the same algorithms, same peers, and various other parameters.

A WGLC is about to start in the IETF BTNS WG on an I-D that describes this.

Nico
--
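
A small model of the latching check described in the reply above, added here as an illustration; it is not part of the original message and is not code from Solaris or any other IPsec implementation. The `SAParams` fields, the `LatchTable` class and all addresses and identities are assumptions chosen for the example.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Connection key: (protocol, local addr, local port, remote addr, remote port)
FlowKey = Tuple[str, str, int, str, int]

@dataclass(frozen=True)
class SAParams:
    """What must match for two SAs to count as 'similar' (assumed field set).
    SPI and keys are deliberately absent: a rekeyed SA still matches."""
    local_id: str
    peer_id: str
    encr_alg: str
    integ_alg: str

class LatchTable:
    """Hypothetical per-connection latch: the first packet fixes the treatment."""
    def __init__(self) -> None:
        # A value of None means the connection was latched as bypass (no IPsec).
        self._latched: Dict[FlowKey, Optional[SAParams]] = {}

    def check(self, flow: FlowKey, sa: Optional[SAParams]) -> bool:
        """Return True to accept a packet, False to drop it."""
        if flow not in self._latched:
            self._latched[flow] = sa      # first packet of the connection
            return True
        return self._latched[flow] == sa  # later packets must match the latch

    def close(self, flow: FlowKey) -> None:
        self._latched.pop(flow, None)     # latch lives only as long as the connection

def demo() -> List[bool]:
    # Constructed sample data (documentation address ranges, made-up identities).
    flow = ("tcp", "192.0.2.10", 143, "198.51.100.7", 50112)
    alice = SAParams("imap.example", "alice@example", "aes-cbc", "hmac-sha1")
    rekeyed = SAParams("imap.example", "alice@example", "aes-cbc", "hmac-sha1")
    other = SAParams("imap.example", "mallory@example", "aes-cbc", "hmac-sha1")
    table = LatchTable()
    return [
        table.check(flow, alice),    # connection opens under alice's SA
        table.check(flow, rekeyed),  # new SA, same parameters: still accepted
        table.check(flow, other),    # same 5-tuple, different peer: dropped
        table.check(flow, None),     # cleartext on a protected connection: dropped
    ]

if __name__ == "__main__":
    print(demo())
```

Because the latch binds the connection to the peer identity rather than only to addresses, an application that learns the latched peer at connection setup can rely on it for the rest of the connection.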