[122529] in cryptography@c2.net mail archive
Re: User interface, security, and "simplicity"
daemon@ATHENA.MIT.EDU (James A. Donald)
Mon May 5 19:51:00 2008
Date: Mon, 05 May 2008 10:55:52 +1000
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com
In-Reply-To: <20080503233500.6cc229a1@cs.columbia.edu>
Steven M. Bellovin wrote:
> IPsec operates at layer 3, where there are (generally)
> no user contexts. This makes it difficult to bind
> IPsec credentials to a user, which means that it
> inherently can't be as simple to configure as ssh.
>
> Put another way, when you tell an sshd whom you wish
> to log in as, it consults that user's home directory
> and finds an authorized_keys file. How can IPsec -- or
> rather, any key management daemon for IPsec -- do
> that? Per-user SPDs? Is this packet for port 80 for
> user pat or user chris?
>
> I can envision ways around this (especially if we have
> an IP address per user of a system -- I've been
> writing about fine-grained IP address assignment for
> years), but they're inherently a lot more complex than
> ssh.
This is a particular case of the layer problem I have
been ranting about for years: Private and authenticated
sessions at layer X do not in themselves correspond to
private and authenticated sessions at layer Y, and for
users to arrange their affairs so that layer X does
indeed secure layer Y generally requires users to stand
on their heads and stick their right big toe in their
left ear.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
