1998-10-15 - FW: IAB statement on “private doorbell” encryption

Header Data

From: Fisher Mark <fisherm@tce.com>
To: “‘cypherpunks’” <cypherpunks@cyberpass.net>
Message Hash: 051194685582e8e32862c5c002a8485281d0cbd62a7f925e42f11b2bd95b71a0
Message ID: <2C396693FBDED111AEF60000F84104A721C01E@indyexch_fddi.indy.tce.com>
Reply To: N/A
UTC Datetime: 1998-10-15 18:08:42 UTC
Raw Date: Fri, 16 Oct 1998 02:08:42 +0800

Raw message

From: Fisher Mark <fisherm@tce.com>
Date: Fri, 16 Oct 1998 02:08:42 +0800
To: "'cypherpunks'" <cypherpunks@cyberpass.net>
Subject: FW: IAB statement on "private doorbell" encryption
Message-ID: <2C396693FBDED111AEF60000F84104A721C01E@indyexch_fddi.indy.tce.com>
MIME-Version: 1.0
Content-Type: text/plain



> From: 	The IAB[SMTP:iab@ietf.org]
> Sent: 	Thursday, October 15, 1998 9:35 AM
> Subject: 	IAB statement on "private doorbell" encryption
> 
> 
> 
> The IAB and IESG are concerned by published descriptions of the
> "private doorbell" approach to resolving the encryption controversy.
> Essentially, the private doorbell requires that encryption and
> decryption be done at a gateway, rather than at an end system; see
> http://www.cisco.com/warp/public/779/govtaff/policy/paper/paper_index.html
> for one description.  This is in conflict with the "end-to-end"
> principle, a fundamental tenet of the Internet architecture.  While
> there is certainly a place for gateway-based encryption in some
> circumstances, to require it in all places (and to exclude end-to-end
> encryption) would warp the protocol structure.  Furthermore, it
> offers a significantly lower level of security, in that there is
> no longer protection against inside attacks, which by all accounts
> are a serious threat.
> 
> In addition, putting all security at the gateway ignores the need
> for different levels of protection in different situations.  For
> some applications, encryption to the gateway may suffice.  Others
> may require encryption and cryptographic authentication of the
> individual machine or even user.  Should a strong encryption
> algorithm be used, or a very efficient one?  It is very difficult
> to make these decisions anywhere but the end-system.  But the
> "private doorbell" scheme would block deployment of such fine-grained
> protection.
> 
> 
==========================================================
Mark Leighton Fisher          Thomson Consumer Electronics
fisherm@indy.tce.com          Indianapolis, IN
"Their walls are built of cannon balls, their motto is
'Don't Tread on Me'"




