[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Fwd: ULE SEC REQ draft rev -03

To: ipdvb@erg.abdn.ac.uk
Subject: Re: Fwd: ULE SEC REQ draft rev -03
From: Michael Noisternig <mnoist@cosy.sbg.ac.at>
Date: Mon, 02 Jul 2007 13:55:46 +0200
In-reply-to: <46837118.8000504@erg.abdn.ac.uk>
References: <46837118.8000504@erg.abdn.ac.uk>
Reply-to: ipdvb@erg.abdn.ac.uk
Sender: owner-ipdvb@erg.abdn.ac.uk
User-agent: Thunderbird 2.0.0.4 (Windows/20070604)

Dear draft authors,

I am missing the following particular paragraph from my edits withinsection 3.1 (between the last and the but-last paragraph):

However, the end-points of a communication might not be under central
control (such as when browsing the public internet), and then it may not
be possible to rely on end-to-end security. ULE link security will then
provide protection against attacks on the weakest link within the
communication chain, i.e. the ULE broadcast link (see section 3.2).

I think it is a case important enough to be outlined, i.e. a case wherean "ordinary" end-user (compared to a company) has no possibility toenforce end-to-end security, yet he does not want "the whole world" topotentially see the data he receives (e.g. the web sites he visits).It demonstrates another reason for why ULE link layer security isdesirable, IMO.


Do you disagree?

(The wording of cited paragraph should be reworked in part, though.)

Michael

Gorry Fairhurst wrote:


Dear WG,

The draft below has been uploaded to the I-D archives (and will bepublished soon), please send any comments you may have to this list,particularly on the new sections.

Security requirements for the Unidirectional Lightweight Encapsulation(ULE) protocol

http://www.erg.abdn.ac.uk/ip-dvb/ids/draft-ietf-ipdvb-sec-req-03.txt

Best wishes,

Gorry Fairhurst

-------- Original Message --------
Subject:     RE: ULE SEC REQ draft
Date:     Wed, 27 Jun 2007 16:33:00 +0100
From:     <S.Iyengar@surrey.ac.uk>
To:     <P.Pillai@Bradford.ac.uk>
CC:     <H.Cruickshank@surrey.ac.uk>, <gorry@erg.abdn.ac.uk>,
<stiemerling@netlab.nec.de>, <ppillai@Bradford.ac.uk>
References:     <1182944065.46824b4167bb0@webmail6.brad.ac.uk>

Hi All,

Please find attached the final version of the ULE-SEC-REQ drafts.
We have incorporated all comments and suggestions:
Here is the work history of the draft (v3):

Working Group Draft 03
       o Fixed editorial mistakes and added some important changes as
          pointed out by Gorry Fairhurst.
       o Table 1 added in Section 6.2 to list the different security
          techniques to mitigate the various possible network threats.
       o Figure 2 modified to clearly explain the different interfaces
          present in the framework.
       o New Section 7 has been added.
       o New Section 6 has been added.
       o The previous sections 5 and 6 have been combined to section 5.
       o Sections 3, 8 and 9 have been rearranged and updated with
          comments and suggestions from Michael Noisternig from
          University of Salzburg.
       o The Authors and the Acknowledgments section have been updated.

If there are no more comments we would like Gorry to publish this.

Regards
Sunny

***********************************************************
Sunil Iyengar,
Research Fellow, Networks Group,
Centre For Communication And Systems Research(CCSR),
School of Electronics, Computing & Mathematics,
University Of Surrey, Guildford GU2 7XH,
Surrey, England, United Kingdom.
Office: +44 (0)1483 686008
***********************************************************

Follow-Ups:
- Re: Fwd: ULE SEC REQ draft rev -03
  - From: Prashant Pillai <P.Pillai@Bradford.ac.uk>

Next by Date: Re: Fwd: ULE SEC REQ draft rev -03
Next by thread: Re: Fwd: ULE SEC REQ draft rev -03
Index(es):
- Date
- Thread