To:
<ietf-provreg@cafax.se>
From:
"Scott Rose" <scottr@antd.nist.gov>
Date:
Mon, 26 Mar 2001 16:24:05 -0500
Sender:
owner-ietf-provreg@cafax.se
Subject:
confidentiality and transfers
Some points I noticed when going over the
requirements draft and the notes of the Minn meeting -
1. Since confidentiality is a key issue, and
the provisioning registry protocol is built upon other protocols, it would be
wise to choose something that provides confidentiality at the transport layer
(TLS or another protocol). If the unique "registry handle" is used as the
check to make modifications to a domain registration, the generation and
transmission of that handle must be secured from evedroppers. I use the
term "confidentiality" to mean "encryption of messages in transit", since
"privacy" means different things to different people and it is hard to determine
what "we need privacy" means today.
2. The Minn meeting also pointed out the need
for authentication. In the requirements doc, there is no mention of any
authentication needed for Object Transfer between registrars (Section
3.7). Is this something that might be needed, or is the posession of the
unique registration handle (suposedly supplied by the registrant of the domain
name) enough? It might be necessary to have an authentication of a
registrar by another registrar before any objects are transferred.
Otherwise, an attacker that has aquired the handle for a domain registration
could assume control of it by impersonating another registrar and requesting the
domain to be transferred to the attacker.
Is this last observation valid? Would
registrars need to authenticate themselves before requesting an object
transfer?
Scott
===============================================================
Scott Rose Advanced Network Technologies Division NIST ph:
301-975-8439
fax: 301-590-0932
http://www.nist.gov =============================================================== |