Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watmath!clyde!rutgers!seismo!sundc!hqda-ai!cos!howard
From: howard@cos.UUCP
Newsgroups: comp.dcom.lans,comp.protocols.misc
Subject: Re: OSI-model software
Message-ID: <329@cos.COM>
Date: Thu, 18-Jun-87 17:42:20 EDT
Article-I.D.: cos.329
Posted: Thu Jun 18 17:42:20 1987
Date-Received: Sat, 20-Jun-87 02:08:34 EDT
References: <223@diab.UUCP> <233@idacrd.UUCP> <526@alliant.UUCP> <1214@botter.cs.vu.nl>
Organization: Corporation for Open Systems, McLean, VA
Lines: 40
Xref: utgpu comp.dcom.lans:493 comp.protocols.misc:59

In article <1214@botter.cs.vu.nl>, ast@cs.vu.nl (Andy Tanenbaum) writes:
> In article <3002@pyramid.UUCP> sas@pyramid.UUCP (Scott Schoenthal) writes:
> >I believe that Andy knows what he is talking about and I would certainly
> >be interested if he would expand on the criticisms he mentions in his posting.
> Encryption.  ISO seems to be totally unable to get its act together.  Other
> than unambiguous statements that encryption does not belong in the session
> layer or physical layer, it seems that all others are possible, although
> lately I have been hearing noises that maybe presentation is "in" again.
> I think spreading it out all over the place is a disaster.  Logically I
> think it belongs in presentation--it deals with "meaning" in some sense.
> In any event, the current situation is a disaster.
> 

The reason encryption can be defined in multiple layers is that encryption
is used for different purposes in different layers.

The usual view of encryption is that it is intended for protecting
information from viewing by unauthorized readers.  This is not always
true; disclosure of contents in, for example, many financial applications
is no major threat, but real problems could be caused by replaying
legitimate information.  It can be appropriate to encrypt the message
number part of a credit authorization message.

Protection from duplication/replay, sender authentication, avoidance
of repudiation of reception (e.g., registered letters), all are reasons
to encrypt in the application layer.

Transport-layer encryption protects message contents on an end-to-end
basis.  If encryption is done at the transport or presentation layers,
however, message headers must be in clear (or a different cryptosystem)
so that the network and data link layers can extract information
needed to route messages.  In some applications, such as tactical
military systems, it can be important to protect against traffic
analysis:  gaining information by knowing how much traffic, at what times,
are being sent from one endpoint to another.

To protect against traffic analysis, the link level must be encrypted
or physically protected.  Again, this is only needed if traffic analysis
is a concern, or, if for administrative reasons, it's easier to distribute
encryption keys on a link-by-link rather than end-to-end basis.