W3C home > Mailing lists > Public > ietf-tls@w3.org > April to June 1996

RE: Unreliable transport

From: Dan Simon <dansimon@microsoft.com>
Date: Fri, 26 Apr 1996 11:37:45 -0700
Message-Id: <c=US%a=_%p=msft%l=RED-92-MSG-960426183745Z-33691@abash1.microsoft.com>
To: "'ietf-tls (Transport Layer Security WG)'" <ietf-tls@w3.org>, "'timd@consensus.com'" <timd@consensus.com>
>From: 	timd@consensus.com[SMTP:timd@consensus.com]
>- UDP and other unreliable transports: I don't think support for an
>unreliable protocol is appropriate for this effort. The current
>(SSL & PCT) both provide protection against an opponent blocking
>this can be detected. In SSL 3.0, truncation attacks can be detected.
>an unreliable underlying transport makes it impossible to provide
>protection against this without essentially creating a stream transport
>top of it. I think the standard we create should provide a certain set
>security features which are provided by all implementations of the
>standard, and that protection against these "interruption" attacks
>be a part of it.
>However, we should think about an unreliable transport standard which
>leverage its cipher negotiation and authentication off of the stream

This is exactly what I have in mind when I talk about "datagram
support"--not a substitute for IPSEC, but merely a defined format for
independently decryptable datagrams, so that key management can be
unified in situations where both a reliable transport and an unreliable
one are being used in parallel.

				Daniel Simon
				Cryptographer, Microsoft Corp.

Received on Friday, 26 April 1996 14:38:05 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:01:58 UTC