Semantic Model Mail Archive: SM> IPPFAX Security issue

SM> IPPFAX Security issue

From: McDonald, Ira (imcdonald@sharplabs.com)
Date: Wed Jan 28 2004 - 17:57:36 EST

  • Next message: Wagner,William: "RE: SM> IPPFAX Security issue"

    Hi,

    This topic came up during today's ongoing review of the
    IPPFAX Protocol spec. It affects implementing IPPFAX/1.0
    along with any other protocol on the same device or server.

    Given the basic network security principal:

    "The actual security level of a given service instance
    depends on the _least_ secure protocol interface of
    _any_ service on the same host system."

    I propose that the IPPFAX/1.0 Protocol spec should say:

    "A host system with an enabled IPPFAX/1.0 Receiver (as
    defined in this document) MUST NOT enable any other
    protocol configured with less security than IPPFAX/1.0
    (i.e., less secure than TLS/1.0 [RFC2246] with required
    server authentication and optional client authentication).

    Note: Equivalent security to IPPFAX/1.0 can be achieved
    by the object security defined in S/MIME [RFC2633], or
    by the stream security defined in Secure Shell Protocol
    [draft-ietf-secsh-architecture-15.txt - in IESG queue],
    or by many other strong security mechanisms. But such
    protocols as SNMPv1 [RFC1157] or IPP/1.1 without TLS/1.0
    MUST NOT be enabled on a host system with a currently
    enabled IPPFAX/1.0 Receiver."

    Comments?

    Cheers,
    - Ira

    Ira McDonald (Musician / Software Architect)
    Blue Roof Music / High North Inc
    PO Box 221 Grand Marais, MI 49839
    phone: +1-906-494-2434
    email: imcdonald@sharplabs.com



    This archive was generated by hypermail 2b29 : Wed Jan 28 2004 - 17:57:53 EST