-----Original Message-----
From: ext [mailto:bindignavile.srinivas@xxxxxxxxx]
Sent: Monday, October 28, 2002 4:07 PM
To: abbieb@xxxxxxxxxxxxxxxxxx; eburger@xxxxxxxxxxxxx; ietf-openproxy@xxxxxxx
Subject: RE: Unique Shared Secrets (4.4.2) in opes-authorizationHi,I had a look at the opes-authorization draft again, and I too was not really convinced of the need for "unique" shared secrets for each requestor/responder pair. The only way I can see for the integrity and confidentiality of OPES data (application) flow to be compromised is:1. Two different data streams (with different "content consumers" and same or different "content providers") share the same OPES device.2. One of the two CC's is malicious.3. In this event, if the shared secrets for each requestor/responder pair are not unique, then the integrity and confidentiality of OPES data could be compromised.However, if all the OPES CC's can be trusted, then uniqueness is not needed, IMHO!-Srini-----Original Message-----
From: ext Abbie Barbir [mailto:abbieb@xxxxxxxxxxxxxxxxxx]
Sent: Wednesday, October 23, 2002 10:19 AM
To: eburger@xxxxxxxxxxxxx; OPES Group
Subject: RE: Unique Shared Secrets (4.4.2) in opes-authorization
eric,
The intend here is to secure the Hop-by-hop traffic. We can reaxime the wording and the requirements.
-- This will be added as an action item for the -01 draft.
Abbie
> -----Original Message-----
> From: Eric Burger [mailto:eburger@xxxxxxxxxxxxx]
> Sent: Monday, October 21, 2002 10:35 PM
> To: OPES Group
> Subject: Unique Shared Secrets (4.4.2) in opes-authorization
>
>
>
> Why must the shared secrets be unique for each requestor /
> responder pair? Why do we care? In fact, such a requirement
> opens a security hole: I can guess someone else's key by
> trying to enter keys until the "system" tells me I can't
> because someone else has that key.
>
> I would drop the bullet.
>
>