Re: Conference report - resolving security workshop

[lmccarth@cs.umass.edu]

Raph Levien writes:
# Earlier, I mentioned that two and a half protocols survived the
# day. The remaining one is MSP. It's actually not a bad protocol.

It appears to have been designed by the NSA, so that's not surprising in some
senses. The question is, I think, how much baggage does it bring that's
not really relevant for civilian/commerical use ?

Debate about the use of sensitivity labels has recently resurfaced on the
IPSEC list, although opinion seems to be running quite heavily in favor of
implementing them (at the network layer) so far. 

Bill Stewart writes:
> Where can we find the new specs for MSP?  

With some help from Howard Weiss of Sparta Secure Systems Eng. (in MD), I
finally found an online version. It's in 5 parts, accessible from 
http://bbs.itsi.disa.mil:5580/T3563 (look for MIL-STD-2045-18500). The
web site is set up so as to make it a major pain to cut-and-paste or easily
remember the precise URLs. They're zipped WordPerfect files, so I can't
read them. If someone constructs a copy in ASCII or PostScript or HTML or
something, let me know. 

According to http://www.itsi.disa.mil/dodiis/sec2-62.html, you can read
about MSP in one of the Secure Data Network System (SDNS) Key Management 
Documents (NISTIR 90-4262). MSP is apparently (supposed to be) used in the DMS
(Defense Message System). I think you can order hardcopy of such things from
NIST.

I found an archive of old traffic from the pem-dev list about a
"Preliminary" MSP at:

http://www.eff.org/pub/Privacy/Security/Crypto_misc/dod_pmsp_sdns.standards

-Lewis					"Shit !" -Pres. Richard M. Nixon, 1973