A new IETF non-working group email list has been created. List address: [email protected] Archive: http://www.ietf.org/mail-archive/web/siesta/ To subscribe: https://www.ietf.org/mailman/listinfo/siesta
Purpose: The present end-to-end application security context is tightly coupled with the underlying communication context. This is problematic for at least three reasons. First, it is not flexible: when the underlying communication context changes, the application security context must change, too. Second, in certain applications, the overhead associated with such coupling is prohivitively expensive over constrained networks (such as sensor- or cellular networks). Third, and probably most important, an attack on the communication context immediately effects the application security. This work aims at a solution to the above problems, with the objective of providing security context for an application, which is fully decoupled from the underlying communication methodology and is thus resilient to attacks on the communication context. With that, the security context may need to have basic understanding of the communication context to be efficient with datagram overhead and communication synchronization issues (such as sequence window management), and so it is desirable that solution supports the "hooks" into the underlying protocol. For additional information, please contact the list administrators.
