[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RFDC Opening remarks

To: "'cl-elec-exch@lists.glhec.org'" <cl-elec-exch@lists.glhec.org>
Subject: RFDC Opening remarks
From: "Alley, Dennis" <dennis.alley@tgslc.org>
Date: Wed, 29 Jul 1998 16:52:43 -0500
Sender: owner-cl-elec-exch@lists.glhec.org


The discussion of key-management should include the following
fundamental points: 

Simple capture of the userid, password, public key (ring) and private
key file will jeopardize the key set and the risk of capture is
essentially the same for all of the various key management techniques.

Public key (rings) are meant to be PUBLIC.  The capture of all matching
elements (user id, password, public key and private-key) are required
for compromise of the key-set.  Reasonable caution exercised by the user
should add considerably to the level of confidence in a key-set.

At this point, we do not have an acceptable solution to offer.  We have,
however, spent considerable time discussing scenarios and have arrived
at the issues detailed in the associated scenarios opened for comment.

Balanced against the value of the data we are seeking to secure, it
seems that we must decide whether the present schema, or any other
design for that matter, is adequate to ensure security.  To what level
and at what cost are we to go to protect the perceived value of our
data?

We will post our best model on the list server in a separate
transmission.

Prev by Date: RFDC Scenario three
Next by Date: CmnLn Elec Exch: 7/23/98 Minutes
Prev by thread: RFDC Scenario three
Next by thread: CmnLn Elec Exch: 7/23/98 Minutes
Index(es):
- Date
- Thread