rfc2316.txt

著名的RFC文档,其中有一些文档是已经翻译成中文的的.

         other protocols.

      DNSsec [RFC 2065] is not only crucial for protecting the DNS --
         cache contamination is the easiest way to launch active attacks
         -- it's also needed in many situations when IPsec is used.

      Security/Multipart [RFC 1847] is the preferred way to add secured
         sections to MIME-encapsulated email.

      Signed keys in the DNS.  There is, as noted, widespread agreement
         that DNS records themselves must be protected.  There was less
         agreement that the key records should be signed themselves,
         making them in effect certificates.  Still, this is one
         promising avenue for Internet certificates.

      X.509v3 is the other obvious choice for a certificate
         infrastructure.  Again, though, there was no strong consensus
         on this point.

      TLS [TLS draft] was seen by some as the preferred choice for
         transport-layer security, though there was no consensus on this
         point.  TLS is less intrusive to the operating system than
         IPsec; additionally, it is easier to provide fine-grained
         protection this way.



Bellovin                     Informational                      [Page 5]

RFC 2316                   Report of the IAB                  April 1998


   Some protocols were designated as "useful but not core".  These were
   insufficiently general, too new, or were substantially duplicative of
   core protocols.  These include AFT/SOCKS, RADIUS, firewalls, GSS-API,
   PGP, Kerberos, PGP-MIME, PKIX-3, the various forms of per-hop
   authentication (OSPF, RSVP, RIPv2), *POP, OTP, S/MIME, SSH, PFKey,
   IPsec API, SASL, and CRAM/CHAP.  Obviously, entries on this list may
   move in either direction.

   A few protocols were considered "not useful".  Primarily, these are
   ones that have failed to catch on, even though they've been available
   for some time.  These include PEM [RFC 1421, 1422, 1423, 1424] and
   MOSS [RFC 1848].  (The phrase "not useful" does not imply that they
   are incorrect, or are lacking in important information.  However,
   they do not describe protocols that we are currently encouraging the
   use of.)

   One security mechanism was deemed to be unacceptable:  plaintext
   passwords.  That is, no protocol that relies on passwords sent over
   unencrypted channels is acceptable.


11. Missing Pieces

   Participants in the workshop identified three significant missing
   pieces: object security, secure email, and route security.

   Object security refers to protection for individual data objects,
   independent of transport.  We have one such already -- Secure DNS --
   but we need a me general scheme.  MIME is a candidate object
   framework, in part because it is the core of the two most widely used
   and deployed applications: the web and email.  However, securing
   email has been problematic and the web is not that far in front.

   Secure email is a critical need and has been for some time.  Two
   attempts to standardize secure email protocols (PEM and MOSS) have
   failed to be accepted by the community, while a third protocol (PGP)
   has become a de facto standard around the world.  A fourth protocol,
   an industry standard (S/MIME), has been gaining popularity.  Both of
   these latter of entered the Internet standards process.

   Route security has recently become a critical need.  The
   sophistication of the attackers is on the rise and the availability
   of attacking toolkits has increased the number of sophisticated
   attacks.  This task is especially complex because the requirement for
   maximum performance conflicts with the goal of adding security, which
   usurps resources that would otherwise enhance the performance of the
   router.




Bellovin                     Informational                      [Page 6]

RFC 2316                   Report of the IAB                  April 1998


12. Security Considerations

   Security is not and cannot be a cookie cutter process.  There is no
   magic pixie dust that can be sprinkled over a protocol to make it
   secure.  Each protocol must be analyzed individually to determine
   what vulnerabilities exist, what risks they may lead to, what
   palliative measures can be taken, and what the residual risks are.


13. Acknowledgments

   This RFC is largely based on the minutes compiled by Thomas Narten,
   whose work in turn was partly based on notes by Erik Huizer, John
   Richardson, and Bob Blakley.


14. References

      [RFC 1825] Atkinson, R., "Security Architecture for the Internet
         Protocol", RFC 1825, August 1995.

      [RFC 2104] Krawcyzk, H., Bellare, M., and R. Canett, "HMAC:
         Keyed-Hashing for Message Authentication", RFC 2104, February
         1997.

      [ISAKMP drafts] Works in Progress.

      [RFC 2065] Eastlake, D., and C. Kaufman, "Domain Name System
         Security Extensions", RFC 2065, January 1997.

      [RFC 1847] Galvin, J., Murphy, S., Crocker, S., and N. Freed,
         "Security Multiparts for MIME: Multipart/Signed and
         Multipart/Encrypted", RFC 1847, October 1995.

      [TLS draft] Dierks, T., and C. Allen, "The TLS Protocol Version
         1.0", Work in Progress.

      [RFC 1421] Linn, J., "Privacy Enhancement for Internet Electronic
         Mail: Part I: Message Encryption and Authentication
         Procedures", RFC 1421, February 1993.

      [RFC 1422] Kent, S., "Privacy Enhancement for Internet Electronic
         Mail: Part II: Certificate-Based Key Management", RFC 1422,
         February 1993.

      [RFC 1423] Balenson, D., "Privacy Enhancement for Internet
         Electronic Mail: Part III: Algorithms, Modes, and Identifiers",
         RFC 1423, February 1993.



Bellovin                     Informational                      [Page 7]

RFC 2316                   Report of the IAB                  April 1998


      [RFC 1424] Kaliski, B. "Privacy Enhancement for Internet
         Electronic Mail: Part IV: Key Certification and Related
         Services", RFC 1424, February 1993.

      [RFC 1848] Crocker, S., Freed, N., Galvin, J. and S. Murphy, "MIME
         Object Security Services", RFC 1848, October 1995.


Appendix A. Attendees

     Ran Atkinson      rja@inet.org
     Fred Baker        fred@cisco.com
     Steve Bellovin    bellovin@acm.org
     Bob Blakley       blakley@vnet.ibm.com
     Matt Blaze        mab@research.att.com
     Brian Carpenter   brian@hursley.ibm.com
     Jim Ellis         jte@cert.org
     James Galvin      galvin@commerce.net
     Tim Howes         howes@netscape.com
     Erik Huizer       Erik.Huizer@sec.nl
     Charlie Kaufman   charlie_kaufman@iris.com
     Steve Kent        kent@bbn.com
     Paul Krumviede    paul@mci.net
     Marcus Leech      mleech@nortel.ca
     Perry Metzger     perry@piermont.com
     Keith Moore       moore@cs.utk.edu
     Robert Moskowitz  rgm@htt-consult.com
     John Myers        jgm@CMU.EDU
     Thomas Narten     narten@raleigh.ibm.com
     Radia Perlman     radia.perlman@sun.com
     John Richardson   jwr@ibeam.jf.intel.com
     Allyn Romanow     allyn@mci.net
     Jeff Schiller     jis@mit.edu
     Ted T'So          tytso@mit.edu


Appendix B. Author Information

   Steven M. Bellovin
   AT&T Labs Research
   180 Park Avenue
   Florham Park, NJ  07932
   USA

   Phone: (973) 360-8656
   EMail: bellovin@acm.org





Bellovin                     Informational                      [Page 8]

RFC 2316                   Report of the IAB                  April 1998


Full Copyright Statement

   Copyright (C) The Internet Society (1998).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
























Bellovin                     Informational                      [Page 9]