Path: utzoo!utgpu!watserv1!watmath!att!pacbell.com!ames!think.com!linus!agate!ucbvax!RHINO.NCSL.NIST.GOV!tebbutt
From: tebbutt@RHINO.NCSL.NIST.GOV (John Tebbutt)
Newsgroups: comp.protocols.iso.dev-environ
Subject: Re: The innards of the FTAM implementation
Message-ID: <9102121539.AA21283@rhino.ncsl.nist.gov>
Date: 12 Feb 91 15:39:48 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Distribution: inet
Organization: National Institute of Standards and Technology (NIST)
Lines: 30

>I would have thought that level 6, being the Presentation Layer, would
>be a logical place _within_ which to perform encryption & decryption?

Depends on the kind of en/decryption you want. If you wanted to do it
within the Presentation layer, you would need to internationally
standardize just how you were going to do it in order to be able to
interoperate with other systems which may or may not know how to handle
your encryption: there would have to be something in the Presentation PDU
to indicate to the receiving Presentation entity whether the user data
had been scrambled wholesale, and by what means. Without this, a
non-encrypting Presentation implementation would take the scrambled user
data, pass it up to layer 7 unaltered, and the application would be
saddled with a PDU it could not process.

In practice, organizations do not want nor need to encrypt the OSI
protocol structure itself, but merely the data they are using the
protocols to transmit. In the case of Ciaran's FTAM, it would seem more
sensible to encrypt the application user data in the application layer,
then all protocol control info remains intact and the worst that can
happen is that the FTAM implementation at the receiving end produces a
file which looks like garbage because it didn't know the file data was
encrypted.

Having said all this, I'm no security expert ! I would be eager to hear
any better ideas !

JT

PS What's a munnari ?
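
The two placements discussed in the post above, as an added example that is not part of the original post. The PDU layouts are hypothetical toy framings (not real FTAM or ISO Presentation encodings), and `scramble` is a placeholder repeating-key XOR standing in for a real cipher.

```python
import struct

KEY = bytes.fromhex("5aa53cc3")  # constructed demo key

def scramble(data: bytes, key: bytes = KEY) -> bytes:
    """Placeholder for a real cipher: repeating-key XOR (its own inverse)."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

# Toy application PDU (hypothetical layout): type, length, file data.
APP_DATA = 0x01

def app_encode(file_data: bytes) -> bytes:
    return struct.pack("!BH", APP_DATA, len(file_data)) + file_data

def app_decode(pdu: bytes) -> bytes:
    ptype, length = struct.unpack("!BH", pdu[:3])
    if ptype != APP_DATA or length != len(pdu) - 3:
        raise ValueError("application cannot process PDU")
    return pdu[3:]

# Toy presentation PDU (hypothetical layout): context id, then user data.
def pres_encode(user_data: bytes, context_id: int = 1) -> bytes:
    return bytes([context_id]) + user_data

def pres_decode(ppdu: bytes) -> bytes:
    return ppdu[1:]  # non-encrypting receiver: hands user data to layer 7 as-is

def receive(ppdu: bytes) -> str:
    """Run a non-encrypting receiving stack; report what the application sees."""
    try:
        data = app_decode(pres_decode(ppdu))
    except ValueError as exc:
        return f"rejected: {exc}"
    return f"file written: {data!r}"

FILE = b"quarterly figures"  # constructed sample file contents

def presentation_layer_case() -> str:
    # Sender scrambles the whole application PDU, with no indicator in the PPDU.
    return receive(pres_encode(scramble(app_encode(FILE))))

def application_layer_case() -> str:
    # Sender scrambles only the file data; protocol control info stays intact.
    return receive(pres_encode(app_encode(scramble(FILE))))

if __name__ == "__main__":
    print(presentation_layer_case())  # application is handed an unparseable PDU
    print(application_layer_case())   # transfer succeeds, file contents are garbage
```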