---------- Forwarded message ----------
Date: Mon, 15 Aug 2011 17:19:56 -0400
From: "Novikov, Lev"
Reply-To: Crypto discussion list
To: "CICM Discussion List (cicm@ietf.org)"
Cc: "cryptography@randombit.net"
Subject: [cryptography] CICM Scope
(Cross-posted on the Cryptography mailing list at randombit.net)
I've been doing a bit of reading based on the comments we've received.
The results of the BOF at IETF 81 suggested we should broaden our
scope and discuss the impact of the CICM Model, particularly Security
Domain Separation, on (2 or more) existing IETF protocols.
Here are the suggestions we've heard to-date (in no particular order):
* IPsec (suggested by almost everyone)
* TLS (via Paul Hoffman, David McGrew)
* AEAD (in RFC 5116; via David McGrew)
* VPN establishment crypto protocols (via Alfonso De Gregorio)
* Domain Security Services (as in RFC 3183; via Alfonso De Gregorio)
** Alfonso:
Can you elaborate on which protocols you had in mind regarding VPN?
It seems clear that, at the very least, we should look at IPsec.
Perhaps first, however, we should put together a crisper version of
draft-lanz-cicm-lm "CICM Logical Model" which we can then use as the
basis for analysis to address questions like: (via David McGrew)
* What benefit does the CICM model provide in cases where there
isn't a strict separation between security domains?
* How can the CICM model operate if only one of the communicating
parties uses the model?
* What is the impact of having queues between plaintext and
ciphertext on:
- latency
- jitter
- retransmission timers
- TCP startup time
- bufferbloat
* What is the impact of not providing return codes to a secure-side
application sending a packet? What about "no route to host" and
MTUs?
* Regarding applying the CICM model to IPsec:
- How would it map onto the IPsec Security Association Database?
- Where do the different parts of the IPsec architecture reside?
- How is information that needs to cross domains (e.g., TOS byte)
handled?
- How is ICMP handled?
At a higher level, we could also address questions such as:
* How can we further push responsibility for performing cryptography
correctly into the crypto (e.g., being responsible for
initialization vectors)? (via David McGrew)
* How can we improve integrity guarantees between security domains
or among system-level components? (via Alfonso De Gregorio)
* How can we improve the practice of transmitting and storing data
at mixed levels of sensitivity? (via Joe Mitola)
Other ideas / questions?
Are there other people / WGs we should get involved?
Lev
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography