User interface, security, and "simplicity"
James A. Donald
jamesd at echeque.com
Sun May 4 20:55:52 EDT 2008
Steven M. Bellovin wrote:
> IPsec operates at layer 3, where there are (generally)
> no user contexts. This makes it difficult to bind
> IPsec credentials to a user, which means that it
> inherently can't be as simple to configure as ssh.
>
> Put another way, when you tell an sshd whom you wish
> to log in as, it consults that user's home directory
> and finds an authorized_keys file. How can IPsec -- or
> rather, any key management daemon for IPsec -- do
> that? Per-user SPDs? Is this packet for port 80 for
> user pat or user chris?
>
> I can envision ways around this (especially if we have
> an IP address per user of a system -- I've been
> writing about fine-grained IP address assignment for
> years), but they're inherently a lot more complex than
> ssh.
This is a particular case of the layer problem I have
been ranting about for years: Private and authenticated
sessions at layer X do not in themselves correspond to
private and authenticated sessions at layer Y, and for
users to arrange their affairs so that layer X does
indeed secure layer Y generally requires users to stand
on their heads and stick their right big toe in their
left ear.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list