Folks,
I want to add a few comments to Rob's message about use of CMS and
TLS for the up/down protocol.
As Rob noted, Russ and I suggested this combination of protocols for
use here. CMS provides the base security for transactions, affording
integrity and authenticity via the signature applied to the CMS
payload. TLS offers an opportunity to implement a coarse level of
access control, and session-level integrity, authentication, and
anti-replay, with confidentiality as a side-effect (that may or may
not be needed).
I am not sure what motivates Rob to say that he is not convinced
about the extent of the session security offered by HTTPS. (Is it
related to the session resumption feature in TLS?) Anyway, by using
TLS one can restrict access to repository servers to the set of
entities to whom certs have been issued in the BPKI, which is
potentially helpful.
Steve