Sorry - for both of these - the date was '83, not '87.... Mike

At 03:49 PM 10/2/2008, Michael StJohns wrote:
>At 03:30 PM 10/2/2008, Sam Hartman wrote:
>>You're proposing a huge complexity increase for the TCP stack in order to get this covert channel protection.
>
>Hi Sam -
>
>The guys at Honeywell who did the fix for Multics back in '87 took about 2 days to do the fix. The complexity was pretty much limited to a single module and a few internal structures which described the TCP context. Basically tagging the TCP connection structure with the security level of the process and changing the matching logic already in place to do the right thing with respect to security.
>
>Note that this treatment of multiple networks only has to happen on hosts which are multi-level. And the multi-level stuff is already a bit of cruft and complexity. This just gets thrown in to the other stuff you have to do to have a secure multi-level system.
>
>For your suggestions with multiple addresses... it's possible, but all you're doing is moving the complexity from implementation (where you do it once and test the hell out of it) to administration (where you have to do it for each system and hope you get it right). I know what I'd choose... :-)
>
>Mike

_______________________________________________
Ietf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf
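The fix the message describes (tag each TCP connection with the label of the owning process and make the connection-matching logic consult that label) can be illustrated with a toy connection table. The following is an added example, not the Honeywell Multics code or anything from the thread; the `Label` shape, the exact-match policy in `TaggedTable`, the `EADDRINUSE` error and all addresses and ports are constructed assumptions. It contrasts an untagged table, where a low-level process can learn which ports a high-level process has bound (a storage covert channel), with a tagged table, where the label is part of the lookup key so that neither port-in-use probes nor connection lookups cross levels.

```python
"""Constructed toy model of label-tagged TCP connection matching.

Assumed names and policy are illustrative, not the Multics/Honeywell code.
"""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Label:
    """Hierarchical security level plus a set of compartments (assumed shape)."""
    level: int
    compartments: frozenset = frozenset()


UNCLASSIFIED = Label(0)
SECRET = Label(2)

FourTuple = Tuple[str, int, str, int]  # (local_ip, local_port, remote_ip, remote_port)


@dataclass
class Connection:
    key: FourTuple
    label: Label  # label of the process that created the connection


class UntaggedTable:
    """Before the fix: connections keyed on the four-tuple only; labels ignored."""

    def __init__(self) -> None:
        self._conns: Dict[FourTuple, Connection] = {}

    def create(self, proc_label: Label, key: FourTuple) -> Connection:
        if key in self._conns:
            raise OSError("EADDRINUSE")  # constructed error name
        conn = Connection(key, proc_label)
        self._conns[key] = conn
        return conn

    def lookup(self, proc_label: Label, key: FourTuple) -> Optional[Connection]:
        return self._conns.get(key)  # any process matches, whatever its label

    def port_in_use(self, proc_label: Label, local_ip: str, local_port: int) -> bool:
        return any(k[0] == local_ip and k[1] == local_port for k in self._conns)


class TaggedTable:
    """After the fix (assumed policy): the process label is part of the match
    key, so a connection is visible only to processes at the same label, and a
    port counts as 'in use' only for processes at the label that bound it."""

    def __init__(self) -> None:
        self._conns: Dict[Tuple[Label, FourTuple], Connection] = {}

    def create(self, proc_label: Label, key: FourTuple) -> Connection:
        idx = (proc_label, key)
        if idx in self._conns:
            raise OSError("EADDRINUSE")  # constructed error name
        conn = Connection(key, proc_label)
        self._conns[idx] = conn
        return conn

    def lookup(self, proc_label: Label, key: FourTuple) -> Optional[Connection]:
        return self._conns.get((proc_label, key))

    def port_in_use(self, proc_label: Label, local_ip: str, local_port: int) -> bool:
        return any(lbl == proc_label and k[0] == local_ip and k[1] == local_port
                   for (lbl, k) in self._conns)


def leaked_bits(table_cls) -> str:
    """Model the port-in-use channel: a SECRET process binds one port per '1'
    bit, an UNCLASSIFIED process probes those ports. Returns what it observes."""
    table = table_cls()
    secret_message = "1011"  # constructed sample
    base_port = 40000
    for i, bit in enumerate(secret_message):
        if bit == "1":
            table.create(SECRET, ("10.0.0.1", base_port + i, "10.0.0.2", 80))
    return "".join(
        "1" if table.port_in_use(UNCLASSIFIED, "10.0.0.1", base_port + i) else "0"
        for i in range(len(secret_message))
    )


def cross_level_lookup(table_cls) -> bool:
    """Can an UNCLASSIFIED process find a connection owned by a SECRET process?"""
    table = table_cls()
    key = ("10.0.0.1", 40000, "10.0.0.2", 80)
    table.create(SECRET, key)
    return table.lookup(UNCLASSIFIED, key) is not None


def same_tuple_both_levels(table_cls) -> bool:
    """With labels in the key, two levels may each hold the same four-tuple."""
    table = table_cls()
    key = ("10.0.0.1", 40000, "10.0.0.2", 80)
    table.create(SECRET, key)
    try:
        table.create(UNCLASSIFIED, key)
        return True
    except OSError:
        return False


if __name__ == "__main__":
    for cls in (UntaggedTable, TaggedTable):
        print(cls.__name__, leaked_bits(cls), cross_level_lookup(cls),
              same_tuple_both_levels(cls))
```

The match-key change is the whole of the fix in this model: `TaggedTable` differs from `UntaggedTable` only in what it indexes on, which is the point the message makes about the change being confined to the connection structure and the matching logic.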
