[cryptography] CICM Channels and GSS (was Re: IETF Working Group Charter on Common Interface to Cryptographic Modules (CICM))

Nico Williams nico at cryptonector.com
Fri Jun 24 15:21:42 EDT 2011


On Fri, Jun 24, 2011 at 2:08 PM, Novikov, Lev <lnovikov at mitre.org> wrote:
> Clearly, I need to make a better effort at being educated about GSS-API.
> I'll be in touch with the KITTEN folks, per your suggestion.
>
> In brief, you'd like to know CICM can't use GSS-API and:
>  * use existing secure channel technologies,
>  * enforce privilege separation in a single channel,
>  * bind multiple authentications into a single channel,
>  * or extend GSS-API to meet (other) high assurance needs?
>
> Am I missing anything?

That's about it, assuming the previous context.  Basically, I would
like strong justification for re-inventing wheels we already have.
Sometimes we have to invent new wheels that are similar to, yet
sufficiently distinguished from other wheels -- it's good to know what
are the justifying distinctions.

Thanks!

Nico
--



More information about the cryptography mailing list