
Re: Fwd: ULE SEC REQ draft rev -03



Gorry Fairhurst wrote:
I'm not sure what the issue is here. The paragraph that was cited from the I-D seems to be speaking about authentication, which is ultimately host-to-host (or security gateway-to-security gateway, etc.).

Your text seems to touch on something different: If you are suggesting motivating the advantage of securing the "weakest" link (which at least for eaves-dropping, could be the broadcast link), then this seems a reasonable thing to point to in the introduction perhaps?

Well, about, actually the paragraphs I'm referring to seem to do exactly that, trying to motivate securing the ULE link. What I'm missing in (between) those paragraphs is that _not_ having end-to-end security is not always simply a matter of choice ("...for users who choose not to implement end-to-end security mechanisms.") but it may be impossible to enforce it, so users would like to have at least _some_ security (confidentiality), namely for the "weakest" link, which would be the ULE link. [This is what I was trying to say with the paragraph I was missing from my edits, btw.]

I am not sure if I can make myself clearer. I think it should be in there, but if other people think differently I will not be pushing this anymore.

Regards,
Michael


Gorry


Michael Noisternig wrote:
Hi,

I agree with Prashant's view on this. The reason being it is already mentioned in the draft that wired links are difficult to intercept. IMO


Right. But my point was not to state once more that the wireless ULE broadcast link is more vulnerable, but to present a showcase where there is no way to enforce end-to-end security, and thus to point out more explicitly that a solution for securing the ULE link only is very desirable.
This is in contrast to the current draft which only says
    "...if authentication of the end-point i.e. the IP Sources is required,
    or users are concerned about loss of confidentiality, integrity
    or authenticity of their communication data, they will have to
    employ end-to-end network security mechanisms like IPSec or
    Transport Layer Security (TLS)."

this case is very confusing without adding much to the draft. I propose we let it be as it is. If there are no further comments we are going to submit this version for the last call.


Best Regards
Sunny