[ietf-enroll] Please help with TTI model document v2

max pritikin pritikin at cisco.com
Fri Oct 8 01:32:24 EDT 2004


On Thu, 2004-10-07 at 20:46, Jim Schaad wrote:
> Max,
> 
> So this means that you would consider a data port line between the two
> entities to be a mediated data flow since there is bi-direction
> communication.

In a manner of speaking. When we discuss a simple direct physical
connection the full model may feel unwieldy. Consider section 4.2 (where
figure 4 is similar to what you describe, a direct data port line
between two entities):

>  This is essentially equivalent to a mediated introduction where the
>    initial connection between (I) and (P) is un-authenticated and the
>    (I) to (R) connection is ignored.  As noted above the TTI entities
>    are logical and may be both provided by the same physical system thus
>    (I) to (R) can safely be considered an internal communication path
>    (and thus physically secured).

If I-P is authenticated then the value of the model becomes more clear.
Particularly if I-R also happens to be some intra process communication
channel which may include its own authentication/authorization
mechanisms. 

I hope that the model would now allow us to consider the security
aspects of the introduction as it is affected by the relationship
between the various possible data port (I-P) authentication mechanisms
and the various possible intra process communication authentication
mechanisms. (Where direct physical secure connections and a flat shared
memory model are only the simplest instantiations of the model).

	- max


> jim 
> 
> > -----Original Message-----
> > From: max pritikin [mailto:pritikin at cisco.com] 
> > Sent: Wednesday, October 06, 2004 8:36 PM
> > To: jimsch at exmsft.com
> > Cc: ietf-enroll at mit.edu
> > Subject: RE: [ietf-enroll] Please help with TTI model document v2
> > 
> > Hi Jim,
> > 
> > I don't think the difference is in the introducer's behaviour so much
> > as:
> > 
> > >    A courier introduction could be said to be one in which 
> > one element
> > >    of the exchange does not supply any introduction material (or
> > >    possibly that the material is supplied and the remote element
> > >    refuses/ignores them).
> > 
> > Where in a mediated introduction there is a bi-directional data flow.
> > Namely that in Figure 5 the petitioner would send some 
> > introduction data (such as a public key, hash of a secret 
> > key, cleartext secret key etc) back.  
> > 
> > 	- Max
> > 
> > On Wed, 2004-10-06 at 20:07, Jim Schaad wrote:
> > >  Max,
> > > 
> > > I am in the process of reviewing this document.  During this time I 
> > > have come across a problem in my thinking and I was hoping that you 
> > > could potentially do some clarification for me.
> > > 
> > > When comparing the Courier and Mediated data flow modes, what do you
> > > see as the difference in the responsibilities/activities of
> > > the introducer?
> > > 
> > > Jim
> > > 
> > 
> > 
> 
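The courier/mediated distinction discussed in this thread, as an added toy model that is not part of the TTI draft or of anyone's message here: the three logical entities introducer (I), petitioner (P) and registrar (R) are simulated in plain Python, introduction material is taken to be a hash of an entity's secret key (one of the options Max lists), and the functions `courier_introduction`, `mediated_introduction` and `later_connection` are hypothetical names. The point it demonstrates is that in the courier case R ends up with nothing to check P against, while in the mediated case the material P sends back through I lets R authenticate P on the later connection.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

# Hypothetical model of the TTI entities (I, P, R); added illustration only,
# not the draft's protocol. Introduction material = hash of a secret key.


def commit(secret: bytes) -> str:
    """Introduction material: a commitment (SHA-256) to the entity's secret."""
    return hashlib.sha256(secret).hexdigest()


@dataclass
class Entity:
    name: str
    secret: bytes = field(default_factory=lambda: secrets.token_bytes(32))
    # introduction material received via the introducer, keyed by peer name
    peers: dict = field(default_factory=dict)

    def introduction_material(self) -> str:
        return commit(self.secret)

    def learn(self, peer: str, material: Optional[str]) -> None:
        """Record what the introducer delivered; None means nothing was sent."""
        if material is not None:
            self.peers[peer] = material

    def verify(self, peer: str, presented_secret: bytes) -> bool:
        """Accept the peer only if material for it was introduced and matches."""
        expected = self.peers.get(peer)
        if expected is None:
            return False  # no introduction material: nothing to check against
        return hmac.compare_digest(commit(presented_secret), expected)


def courier_introduction(petitioner: Entity, registrar: Entity) -> None:
    """One-way flow: I carries R's material to P; P supplies nothing back."""
    petitioner.learn(registrar.name, registrar.introduction_material())
    registrar.learn(petitioner.name, None)


def mediated_introduction(petitioner: Entity, registrar: Entity) -> None:
    """Bi-directional flow: P's material also travels back to R through I."""
    petitioner.learn(registrar.name, registrar.introduction_material())
    registrar.learn(petitioner.name, petitioner.introduction_material())


def later_connection(petitioner: Entity, registrar: Entity) -> tuple:
    """After the introduction P and R connect directly; each presents its
    secret and the other checks it against the introduced commitment.
    Returns (R authenticated P, P authenticated R)."""
    return (registrar.verify(petitioner.name, petitioner.secret),
            petitioner.verify(registrar.name, registrar.secret))


def run(mode) -> tuple:
    """Run one introduction mode with fresh P and R (constructed entities)."""
    p, r = Entity("P"), Entity("R")
    mode(p, r)
    return later_connection(p, r)


def impostor_connection() -> bool:
    """After a mediated introduction, an entity claiming P's name but holding
    a different secret must be rejected by R."""
    p, r = Entity("P"), Entity("R")
    mediated_introduction(p, r)
    impostor = Entity("P")
    return r.verify(impostor.name, impostor.secret)


if __name__ == "__main__":
    print("mediated (R->P, P->R):", run(mediated_introduction))
    print("courier  (R->P, P->R):", run(courier_introduction))
    print("impostor accepted by R:", impostor_connection())
```

Running it shows mediated giving `(True, True)`, courier giving `(False, True)` (P can still authenticate R, but R has no material for P), and the impostor being rejected. The check here only ever compares a commitment, so it models which side holds introduction material, not the strength of the I-P or I-R channels that Max's reply says the model is meant to reason about.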