At 02:37 AM 9/14/97 -0400, Alex \"Mr. Worf\" Yuriev wrote:
Quoting Radia Perlman:
"The goal is to design a network that will guarantee that a packet transmitted between two nonfaulty end systems A and B will have a high probability of being delivered, provided that at least one path consists of nonfaulty components connects the two end systems. [...] The network layer makes no attempt to keep conversations private. If privacy is necessary, encryption must be done at a higher layer. Also, the network layer need not certify data that it delivers. For instance, it is possible for some malicious node C to generate data, get it delivered to B, and claim that the data was from A. It is up to the higher layer in B to differentiate between corrupted or counterfeit data and real data, using known cryptographic techniques".
Well, then he is *WRONG*. Authentication and privacy should be a function of the network layer, not the application layer because it is a lot easier to attack application layer encryption compared to lower layers.
Radia is a she. Anyone who has been in this field for more than 2 years should know that even if you can't guess what tli or pst or Yakov are :-) -Hank
a packet transmitted between two nonfaulty end systems A and B will have a high probability of being delivered, provided that at least one path consists of nonfaulty components connects the two end systems. [...] The network layer makes no attempt to keep conversations private. If privacy is necessary, encryption must be done at a higher layer. Also, the network layer need not certify data that it delivers. For instance, it is possible for some malicious node C to generate data, get it delivered to B, and claim that the data was from A. It is up to the higher layer in B to differentiate between corrupted or counterfeit data and real data, using known cryptographic techniques".
Well, then he is *WRONG*. Authentication and privacy should be a function of the network layer, not the application layer because it is a lot easier to attack application layer encryption compared to lower layers.
Radia is a she. Anyone who has been in this field for more than 2 years should know that even if you can't guess what tli or pst or Yakov are :-)
Quoting Marcus Ranum: "I do not care who or what that is as long as it makes sense". Alex
a packet transmitted between two nonfaulty end systems A and B will have a high probability of being delivered, provided that at least one path consists of nonfaulty components connects the two end systems. [...] The network layer makes no attempt to keep conversations private. If privacy is necessary, encryption must be done at a higher layer. Also, the network layer need not certify data that it delivers. For instance, it is possible for some malicious node C to generate data, get it delivered to B, and claim that the data was from A. It is up to the higher layer in B to differentiate between corrupted or counterfeit data and real data, using known cryptographic techniques".
Well, then he is *WRONG*. Authentication and privacy should be a function of the network layer, not the application layer because it is a lot easier to attack application layer encryption compared to lower layers.
Radia is a she. Anyone who has been in this field for more than 2 years should know that even if you can't guess what tli or pst or Yakov are :-)
Quoting Marcus Ranum: "I do not care who or what that is as long as it makes sense".
Alex
Oh, Radia makes sense. Its just that your assumptions and hers differ. -- --bill
participants (3)
-
Alex "Mr. Worf" Yuriev -
bmanning@ISI.EDU -
Hank Nussbacher