
Re: IP Address in the ACM (Was: Comments on Access Control Model - BNF)



I don't think we should put optional things in the spec--it will create
interoperability problems.

I don't see why you are particularly down on IP address subjects, but a
subject with simple authentication doesn't seem to bother you.  I mean,
in practice I would say there is not much difference in the risk
involved in granting rights based on IP addresses and granting rights to
a subject with an authentication level of "simple".

The point is that, depending on the environment, these might well be
useful and acceptable ways of granting rights.  As such I think we
should keep the IP address subject, with the kind of warnings you
suggest.

Rob.

"Kurt D. Zeilenga" wrote:
> 
> At 10:59 AM 4/4/01 -0700, Paul Leach wrote:
> >I hope that IP addresses as subjects are OPTIONAL, and that the security
> >considerations section is appropriately negative on their security.
> >
> >In fact, I believe they should be a SHOULD NOT in the spec -- i.e., you
> >must have good reason to believe that they are secure before you use
> >them.
> 
> I concur.
> 
> I also note that DNS names have all the security concerns of
> the IP Addresses they are derived from and the DNS system
> used to generate them.