potential new IETF WG on anonymous IPSec

Joe Touch touch at ISI.EDU
Fri Sep 17 11:02:46 PDT 2004

Ian Grigg wrote:
>> I wouldn't think that the encryption need be opportunistic; in the BGP 
>> backbone world, as you noted, peers are known a-priori, and should 
>> have certs that could be signed by well-known, trusted CAs.
> Let's see if I can make these assumptions clearer, because
> I still perceive that CAs have no place in BGP, and you seem
> to be assuming that they do.

I should have said "could have certs". BGP could use shared secrets or 
CAs; it may be the case that anonymous security (as at least I call it) 
doesn't map well to BGP, in which you usually know who you want to 
trust. It may still help, though - e.g., in the case of the recent TCP 
RST attacks, it would have.

The rest of your note focuses on the difference between two-party trust 
and trust using a shared third party. The former degenerates to the 
latter where I sign your cert, though ;-) I agree that for BGP the 
two-party case is probably more relevant, though there some BGP peerings 
are based on trust relationships of sets of parties that can - or 
already do - have trusted third-party coordination outside BGP.


[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]

More information about the cypherpunks-legacy mailing list