RE: security considerations wrt/ draft-ietf-ipdvb-arch-01.txt



Hi Rod,

On Fri, 29 Oct 2004 Rod.Walsh@nokia.com wrote:

> George's observations are valid, but I am sure that mandating a link
> level security will significantly reduce the deployability of this
> architecture. In the short and medium term there is no hope of
> convergence to a single "MPEG2-TS link layer security" method.

So what I think I hear you saying here is that the IPDVB is not one link
layer really, but "N" different vendor-specific link layers, each with
their own link layer security service. Is this a fair assessment?

It seems to me, IPDVB without security is a non-starter. Yet the above
would lead me to conclude that there is a tacit assumption that IPDVB
implementations are vendor-specific.

When I contrast this aspect of IPDVB with the IEEE 802.11 and IEEE 802.16
wireless standards, the lack of a common security service looks to be a
barrier to its acceptance, economies of scale, and a widespread
interoperability between different IPDVB vendors' equipment.

> So I think George is right when he asks for a "definition of what that
> security service is, and how it would be integrated with the IP layer
> related services, such as DVB address resolution" - the document is
> well on the way to this. However, the architecture needs to be modular
> enough to enable the current mix of solutions to be used and make
> space for future ones.

Agreed. For starters, I would like to see a list of references enumerating
the relevant security services, assuming they are in the public domain.

>
> IMHO, some requirements and guidelines on the link layer security would be sufficient.

That would be a good first step, although I am not confident that such
guidelines will be enough to avoid a future security exposure along the
lines that I sketched. Or other scenarios yet to be discussed that lurk in
the IPDVB link layer. Unfortunately, since this is an informational
document, its statements are not normative. A vendor could claim IPDVB
compliance even if its products are not secure.

Given what we saw with the 802.11b security debacle, it would be
worthwhile to have a strong industry-wide IPDVB security standard. If one
of the IPDVB vendors doesn't "get it right", as happened with 802.11b,
then all IPDVB deployments get a publicity black eye even if their own
respective security service is adequate.

What I think this all points to is the need for a standards track IPDVB
security protocol document that straddles the vendor-specific DVB link
layers. I don't know IPDVB history in other SDOs, so this may have already
been tried and stalled in those venues. Could someone who knows that
history please offer some perspective?

In the IETF MSEC venue, we do have IP-layer candidate solutions that could
be extended and applied to IPDVB's problem. Would this working group
consider such an approach?

br,
	George

<snip the rest to save bandwidth>