Re: Provisioning, Password Strength (was RE: comments)

On Tue, 24 Jun 2003, Chris Lonvick wrote:

> > >
> > > I like that approach as well.  It may be good to differentiate between
> > > provisioning and managing as well.  There are a lot of problems associated
> > > with provisioning which are similar to configuration but are much more
> > > difficult to address.
> >
> > Examples ?   Any cases where I've got things mixed now ?
>
> I need to do a thorough read-through of the document but at this time I
> don't see that the two are unmixed.  :-)  My concern here is that an
> attacker may intercept communications during the initial provisioning of a
> remote device, or they may substitute a device with the hopes that an
> administrator will configure it as a valid device and leave sensitive
> information in it which would then be easily retrievable by the attacker.
> Changing the configuration of an existing device may not be as susceptible
> to this problem as the administrator should have some way to validate that
> it is actually a member of the flock, and not a rogue or a decoy.
...
>
> Is this thought worthy of being included in the document, or is that a bit
> too far reaching at this time?  It may be best to place a note in the
> Security Considerations section with an overall warning of this if that's
> acceptable.

I think we've got our hands full at the moment.  I'll add a note to
the security considerations section.

---George