Re: Fwd: ULE SEC REQ draft rev -03

[Gorry Fairhurst <gorry@erg.abdn.ac.uk>]

I'm not sure what the issue is here. The paragraph that was cited form 
I-D seems to be speaking about authentication, which ultimately becomes 
a host-to-host (or security gateway-to-security gateway, etc).

Your text seems to touch on something different: If you are suggesting 
motivating the advantage of securing the "weakest" link (which at least 
for eaves-dropping, could be the broadcast link), then this seems a 
reasonable thing to point to in the introduction perhaps?

Gorry


Michael Noisternig wrote:
> Hi,
>
> > I Agree with Prashants view on this. The reason being it is already 
> > mentioned in the draft that wired links are difficult to intercept. IMO 
>
>
> Right. But my point was not to state once more that the wireless ULE 
> broadcast link is more vulnerable but to present a showcase where there 
> is no way to enforce end-to-end security, and thus to point out more 
> explicitely that a solution for securing the ULE link only is very 
> desirable.
> This is in contrast to the current draft which only says
> "...if authentication of the end-point i.e. the IP Sources is required,
>        or users are concerned about loss of confidentiality, integrity
>        or authenticity of their communication data, they will have to
>        employ end-to-end network security mechanisms like IPSec or
>        Transport Layer Security (TLS)."
>
> > this case is very confusing without adding much to the draft. I 
> > propose we let it be as it is. If there are no further comments we are 
> > going to submit this version for the last call.
> >
> >
> > Best Regards
> > Sunny