FW: IAB statement on "private doorbell" encryption

Fisher Mark fisherm at tce.com
Thu Oct 15 11:08:42 PDT 1998



> From: 	The IAB[SMTP:iab at ietf.org]
> Sent: 	Thursday, October 15, 1998 9:35 AM
> Subject: 	IAB statement on "private doorbell" encryption
> 
> 
> 
> The IAB and IESG are concerned by published descriptions of the
> "private doorbell" approach to resolving the encryption controversy.
> Essentially, the private doorbell requires that encryption and
> decryption be done at a gateway, rather than at an end system; see
> http://www.cisco.com/warp/public/779/govtaff/policy/paper/paper_index.html
> for one description.  This is in conflict with the "end-to-end"
> principle, a fundamental tenet of the Internet architecture.  While
> there is certainly a place for gateway-based encryption in some
> circumstances, to require it in all places (and to exclude end-to-end
> encryption) would warp the protocol structure.  Furthermore, it
> offers a significantly lower level of security, in that there is
> no longer protection against inside attacks, which by all accounts
> are a serious threat.
> 
> In addition, putting all security at the gateway ignores the need
> for different levels of protection in different situations.  For
> some applications, encryption to the gateway may suffice.  Others
> may require encryption and cryptographic authentication of the
> individual machine or even user.  Should a strong encryption
> algorithm be used, or a very efficient one?  It is very difficult
> to make these decisions anywhere but the end-system.  But the
> "private doorbell" scheme would block deployment of such fine-grained
> protection.
> 
> 
==========================================================
Mark Leighton Fisher          Thomson Consumer Electronics
fisherm at indy.tce.com          Indianapolis, IN
"Their walls are built of cannon balls, their motto is
'Don't Tread on Me'"





