On 15 Apr 2009, at 16:25, Eliot Lear wrote:
> Regardless of what you think of Steve's point about the checksum, his
> underlying point was that there is a binding between transport and
> internet names, if ever so weak, and that if you introduce a new name
> you have to bind it securely between layers.

I'll attempt a rephrase.

One of the points that various security folks have made over the years
(and that was made during NSRG days) is that millions of home NAT
boxes (all very very low cost, with low-powered/cheap innards)
have no trouble modifying that "binding" in a way that makes the
binding worthless from a security (i.e. authentication) perspective.

So:
1) An issue with the deployed Internet is that there is not always
   an easily authenticated binding between names at different layers.
   - DNSsec is part of the solution for this, as it will permit
     authentication of the bindings between IP addresses and
     FQDNs.
   - IPsec, especially AH, is another part of the solution for this.

And as a corollary:
2) It is desirable to be able to authenticate bindings between
   related names that exist at different layers.
   - DNSsec is one example of how this might be done.
   - IPsec AH is another example of how this might be done.

Cheers,

Ran

_______________________________________________
rrg mailing list
[email protected]
http://www.irtf.org/mailman/listinfo/rrg
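
An added illustration of the NAT point in the message above (not part of the original post): the TCP checksum covers the IP addresses through the pseudo-header, yet a middlebox can recompute it after rewriting an address, while a keyed integrity value over the same fields cannot be regenerated without the key. The addresses, key and segment are constructed, and HMAC-SHA256 is an assumed stand-in for an AH-style integrity check value, not AH's actual packet processing.

```python
import hashlib
import hmac
import socket
import struct

def fold16(data: bytes) -> int:
    """16-bit ones' complement sum used by the TCP checksum."""
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo(src: str, dst: str, seg: bytes) -> bytes:
    """TCP pseudo-header: the weak transport-to-IP-address binding."""
    return socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 6, len(seg))

def with_checksum(src: str, dst: str, seg: bytes) -> bytes:
    """Anyone on the path can do this; no secret is involved."""
    zeroed = seg[:16] + b"\x00\x00" + seg[18:]
    csum = ~fold16(pseudo(src, dst, zeroed) + zeroed) & 0xFFFF
    return zeroed[:16] + struct.pack("!H", csum) + zeroed[18:]

def checksum_ok(src: str, dst: str, seg: bytes) -> bool:
    return fold16(pseudo(src, dst, seg) + seg) == 0xFFFF

def icv(key: bytes, src: str, dst: str, seg: bytes) -> bytes:
    """Keyed tag over the same fields (assumed stand-in for an AH-style ICV)."""
    return hmac.new(key, pseudo(src, dst, seg) + seg, hashlib.sha256).digest()

def demo() -> dict:
    # Constructed sample: 20-byte TCP header (PSH|ACK) plus payload, documentation addresses.
    seg = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 0x50, 0x18, 65535, 0, 0) + b"hello"
    key = b"constructed-demo-key"  # shared by the endpoints only, not the NAT
    inside, outside, server = "192.168.1.10", "203.0.113.7", "198.51.100.20"
    sent = with_checksum(inside, server, seg)
    tag = icv(key, inside, server, sent)
    natted = with_checksum(outside, server, sent)  # NAT rewrites source, fixes checksum
    return {
        "checksum_at_sender": checksum_ok(inside, server, sent),
        "stale_checksum_after_rewrite": checksum_ok(outside, server, sent),
        "recomputed_checksum_after_nat": checksum_ok(outside, server, natted),
        "icv_after_nat": hmac.compare_digest(tag, icv(key, outside, server, natted)),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The receiver accepts the rewritten segment on checksum grounds alone; only the keyed value shows that the address binding changed in transit.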
