ad hoc IPsec or similiar
Nicolas Williams
Nicolas.Williams at sun.com
Tue Jun 26 15:49:22 EDT 2007
On Fri, Jun 22, 2007 at 10:43:16AM -0700, Paul Hoffman wrote:
> Note that that RFC is Informational only. There were a bunch of
> perceived issues with it, although I think they were more purity
> disagreements than anything.
>
> FWIW, if you do *not* care about man-in-the-middle attacks (called
> active attacks in RFC 4322), the solution is much, much simpler than
> what is given in RFC 4322: everyone on the Internet agrees on a
> single pre-shared secret and uses it. You lose any authentication
> from IPsec, but if all you want is an encrypted tunnel that you will
> authenticate all or parts of later, you don't need RFC 4322.
>
> This was discussed many times, and always rejected as "not good
> enough" by the purists. Then the IETF created the BTNS Working Group
> which is spending huge amounts of time getting close to purity again.
That's pretty funny, actually, although I don't quite agree with the
substance (surprise!) :)
Seriously, for those who merely want unauthenticated IPsec, MITMs and
all, then yes, agreeing on a globally shared secret would suffice.
For all the other aspects of BTNS (IPsec connection latching [and
channel binding], IPsec APIs, leap-of-faith IPsec) agreeing on a
globally shared secret does not come close to being sufficient.
Nico
--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list