[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
More IESG review comments
From: Russ Housley [mailto:email@example.com]
Sent: dinsdag 29 april 2003 23:14
Section 16.1 says:
o Security mechanism should provide for well defined key
management schemes. The key management schemes should be well
analyzed to be cryptographically secure. The key management
schemes should be scalable.
I think that automated key management SHOULD be provided.
Section 16.2 recommends the use of AH in tunnel mode. I would greatly
prefer ESP in tunnel mode, even if confidentiality is not turned on. In my
opinion, ESP with integrity-only security associations is better.
In section 16.2, the term "crypto channel" is not clear. Usually, it
means "IPsec security association." Yet, sometimes it refers to both the
IKE SA as well as the IPsec SA. I think that IKE SA and IPsec SA can be used.
In section 16.2, please change "man-in-the middle attacks" to
Section 16.2 says:
Digital signature based authentication is not prone to such
problems. It is recommended using digital signature based
authentication mechanism where possible. If pre-shared key based
authentication is required, then aggressive mode SHOULD be used.
IKE pre-shared authentication key values SHOULD be protected in a
manner similar to the user's account password.
Please change "recommended" to upper case.