And of course, the asymmetric solution is not the one that is currently in the document.
> -----Original Message----- > From: Hannes Tschofenig [mailto:hannes.tschofe...@gmx.net] > Sent: Tuesday, March 7, 2017 11:14 AM > To: Derek Atkins <de...@ihtfp.com>; peter van der Stok > <stokc...@xs4all.nl> > Cc: Jim Schaad <i...@augustcellars.com>; 'Kepeng Li' <kepeng.lkp@alibaba- > inc.com>; consulta...@vanderstok.org; Ace@ietf.org > Subject: Re: [Ace] Call for adoption for draft-somaraju-ace-multicast-02 > > Hi Derek > > we discussed the requirements quite a bit in the group already and the > conclusion of the discussion was that we provide two solutions, one based > on symmetric keys and the other based on asymmetric keys. > > The asymmetric key solution provides authentication of the individual sender > where the symmetric key solution demonstrates knowledge of the group > key. > > Ciao > Hannes > > > On 03/07/2017 06:23 PM, Derek Atkins wrote: > > Peter, > > > > peter van der Stok <stokc...@xs4all.nl> writes: > > > >> After reading Jim's statement, my position is a bit different. > >> Multicast security is severely needed. > >> Not making it a WG document augments the risk that the subject is > >> frozen and no progress is made. > >> To guarantee progress, adoption seems to me the right way forward. > > > > Can you please define what you mean by "Multicast Security"? Are you > > just looking for Group Confidentiality? Do you want Group Message > > Integrity without Source Authentication? Do you want Source > > Authentication? "multicast security" is too generic a term by itself > > and as others have pointed out depending on which specific security > > services you're talking about you will get a multitude of (potentially > > conflicting) requirements. For example, you cannot get source > > authentication with a shared-key-only solution. > > > > I recommend that, before adoption, an explicit set of requirements be > > defined and inserted into the scope. > > > >> Peter > >> > >> Jim Schaad schreef op 2017-03-07 02:55: > >>> After thinking about this for a long time, I will reluctantly state > >>> a position. > >>> > >>> I do not believe that the WG should adopt this document at least > >>> until such a time as a version has been released which does a > >>> substantially better job of restricting the scope of the problem to > >>> be solved. If the WG then decides to relax that scope so be it. > >>> > >>> Jim > > > > -derek > > _______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
