Vulnerability Development mailing list archives

Re: Single SignOn


From: Diane.Davidowicz () ISO NOAA GOV (Diane Davidowicz)
Date: Fri, 25 Feb 2000 09:59:31 -0600


Ben Grubin wrote:

-----Original Message-----
From: Vanna P. Rella [mailto:vamprella () chickmail com]
Sent: Thursday, February 24, 2000 2:44 PM
To: Ben Grubin
Cc: VULN-DEV () SECURITYFOCUS COM
Subject: RE: Single SignOn

Wow, didn't realize it's using UDP. UDP is traditionally
insecure. However, if they're using crypto APIs, wouldn't
that solve the problem?

UDP in and of itself is not insecure,

Ben

Hmmm, with all due respect to you, especially since this is getting slightly
off-topic, the entire IP protocol suite is insecure, as it has absolutely no
security mechanisms built in (the security option field, RFC 1108, that does
exist in the IP header is used almost entirely by the US DoD for Orange Book
type compliance and is not used to secure the IP protocols themselves). Thus the
evolution of IPsec. Even RFC 2401, the RFC for IPsec, implies that IP lacks
security by design (see excerpt below). I will refrain from listing all the
security issues involved with just the headers of IP/TCP/UDP/IGMP/ICMP/etc.
(i.e., there's enough info out there on this), and avoid any additional
discussion about how applications don't always make correct use of the
IP protocols, which can typically lead to application vulnerabilities (I
believe you may be implying this with your UDP statement above). This
is a distinction, I believe, that should be made.

From RFC 2401 (RFC for IPsec):

   "The set of
   security services offered includes access control, connectionless
   integrity, data origin authentication, protection against replays (a
   form of partial sequence integrity), confidentiality (encryption),
   and limited traffic flow confidentiality.  These services are
   provided at the IP layer, offering protection for IP and/or upper
   layer protocols."

Diane

Disclaimer:  These are my own opinions and do not reflect the opinions of my
employers.
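To make the distinction in this thread concrete, here is an added example that is not part of Diane's post or of the thread. It contrasts the keyless UDP checksum of RFC 768 (which any sender, spoofed source address included, can compute, so it gives integrity against line noise but no data origin authentication) with the kind of services the RFC 2401 excerpt lists: a keyed integrity check value and a sliding anti-replay window. The HMAC-SHA-256 tag and the 32-packet window are a simplified stand-in for an IPsec ICV and the RFC 2401 anti-replay window, not an implementation of AH or ESP; the key, addresses, ports and payloads are constructed for the demo.

```python
import hmac
import hashlib
import struct


def ones_complement_sum(data: bytes) -> int:
    """Fold a byte string into a 16-bit one's-complement sum (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def udp_checksum(src_ip, dst_ip, src_port, dst_port, payload: bytes) -> int:
    """RFC 768 checksum over the IPv4 pseudo-header, UDP header and data.

    Nothing here is secret: whoever chooses the header fields can produce a
    valid checksum, so a spoofed datagram passes this check just as well.
    """
    length = 8 + len(payload)
    pseudo = (bytes(map(int, src_ip.split(".")))
              + bytes(map(int, dst_ip.split(".")))
              + struct.pack("!BBH", 0, 17, length))       # zero, proto UDP, length
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)  # checksum field = 0
    csum = 0xFFFF - ones_complement_sum(pseudo + header + payload)
    return csum or 0xFFFF                                  # 0 is transmitted as all ones


def udp_checksum_valid(src_ip, dst_ip, src_port, dst_port, payload, csum) -> bool:
    return udp_checksum(src_ip, dst_ip, src_port, dst_port, payload) == csum


class AuthenticatedReceiver:
    """Keyed integrity + data origin authentication + anti-replay window.

    Simplified model of the RFC 2401 receiver: sequence numbers start at 1,
    the window covers the last `window` sequence numbers, and a packet is
    only admitted once. The MAC is checked before the window is advanced so a
    forged packet with a large sequence number cannot move the window.
    """

    def __init__(self, key: bytes, window: int = 32):
        self.key = key
        self.window = window
        self.highest = 0      # highest sequence number accepted so far
        self.bitmap = 0       # bit i set => (highest - i) already received

    def tag(self, seq: int, payload: bytes) -> bytes:
        # The sequence number is covered by the MAC, so a replay cannot be
        # re-labelled with a fresh number (constructed HMAC stand-in for an ICV).
        return hmac.new(self.key, struct.pack("!I", seq) + payload, hashlib.sha256).digest()

    def accept(self, seq: int, payload: bytes, tag: bytes) -> bool:
        # 1. Cheap window check first: stale or already-seen numbers are dropped
        #    before any cryptographic work is done.
        if seq <= self.highest:
            diff = self.highest - seq
            if diff >= self.window or (self.bitmap >> diff) & 1:
                return False
        # 2. Verify the integrity check value (constant-time compare).
        if not hmac.compare_digest(self.tag(seq, payload), tag):
            return False
        # 3. Only now update the window.
        if seq > self.highest:
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.window) - 1)
            self.highest = seq
        else:
            self.bitmap |= 1 << (self.highest - seq)
        return True


def demo() -> dict:
    """Constructed scenario: a spoofed UDP datagram versus authenticated ones."""
    results = {}
    # Anyone can forge a datagram "from" 10.0.0.1 with a valid checksum.
    forged = udp_checksum("10.0.0.1", "10.0.0.2", 5000, 6000, b"login ok")
    results["forged_udp_passes_checksum"] = udp_checksum_valid(
        "10.0.0.1", "10.0.0.2", 5000, 6000, b"login ok", forged)

    key = b"constructed-demo-key-not-for-real-use"
    sender, rx = AuthenticatedReceiver(key), AuthenticatedReceiver(key)
    results["genuine"] = rx.accept(1, b"login ok", sender.tag(1, b"login ok"))
    results["replay"] = rx.accept(1, b"login ok", sender.tag(1, b"login ok"))
    results["tampered"] = rx.accept(2, b"login denied", sender.tag(2, b"login ok"))
    results["out_of_order"] = (rx.accept(3, b"c", sender.tag(3, b"c"))
                               and rx.accept(2, b"b", sender.tag(2, b"b")))
    rx.accept(40, b"d", sender.tag(40, b"d"))          # window slides forward
    results["stale_after_window_slid"] = rx.accept(3, b"c", sender.tag(3, b"c"))
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:28s} accepted={ok}")
```

The ordering inside `accept` matters: checking the window before the MAC keeps replayed traffic cheap to discard, and checking the MAC before moving the window keeps unauthenticated traffic from influencing receiver state, which is the same ordering RFC 2401 prescribes for its anti-replay processing.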
