Physical Link Security Type of Service
RFC 1455
Document type: RFC - Experimental (May 1993; no errata)
Obsoleted by: RFC 2474
Was: draft-eastlake-linksectos (individual submission)
Author: Donald Eastlake
Last updated: 2013-03-02
Stream: Legacy
IESG state: RFC 1455 (Experimental)
Network Working Group                                    D. Eastlake, III
Request for Comments: 1455                 Digital Equipment Corporation
                                                                May 1993

Physical Link Security Type of Service

Status of this Memo

This memo defines an Experimental Protocol for the Internet community. Discussion and suggestions for improvement are requested. Please refer to the current edition of the "IAB Official Protocol Standards" for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Abstract

This RFC documents an experimental protocol providing a Type of Service (TOS) to request maximum physical link security. This is an addition to the types of service enumerated in RFC 1349: Type of Service in the Internet Protocol Suite. The new TOS requests the network to provide what protection it can against surreptitious observation by outside agents of traffic so labeled. The purpose is protection against traffic analysis and as an additional possible level of data confidentiality. This TOS is consistent with all other defined types of service for IP version 4 in that it is based on link level characteristics and will not provide any particular guaranteed level of service.

1. Nature of Requirement

This Internet Protocol addition addresses two potential security requirements: resistance to traffic analysis and confidentiality. These are described in the two subsections below, followed by a discussion of why links have different levels of physical security, so that it is meaningful to request that more secure links be used.

1.1 Traffic Analysis

At this time all Internet Protocol (IP) packets must have most of their header information, including the "from" and "to" addresses, in the clear. This is required for routers to properly handle the traffic even if a higher level protocol fully encrypts all bytes in the packet after the IP header. This renders even end-to-end encrypted IP packets subject to traffic analysis if the data stream can be observed.

While traffic statistics are normally less sensitive than the data content of packets, in some cases activities of hosts or users are deducible from traffic information.

It is essential that routers have access to header information, so it is hard to protect traffic statistics from an adversary with inside access to the network. However, use of more secure physical links will make traffic observation by entities outside of the network more difficult, thus improving protection from traffic analysis.

No doubt users would like to be able to request a guaranteed level of link security, just as they would like to be able to request a guaranteed bandwidth or delay through the network. However, such guarantees require a resource reservation and/or policy routing scheme and are beyond the scope of the current IP Type of Service facility. Although the TOS field is provided in all current Internet packets and routing based on TOS is provided in routing protocols such as OSPF [See 5,6,7], there is no realistic chance that all of the Internet will implement this additional TOS any time in the foreseeable future.

Nevertheless, users concerned about traffic analysis need to be able to request that the physical security of the links over which their packets will pass be maximized in preference to other link characteristics. The proposed TOS provides this capability.

1.2 Confidentiality

Use of physical links with greater physical security provides a layer of protection for the confidentiality of the data in the packets as well as traffic analysis protection. If the content of the packets is otherwise protected by end-to-end encryption, using secure links makes it harder for an external adversary to obtain the encrypted data to attack. If the content of the packets is unencrypted plain text, secure links may provide the only protection of data confidentiality.

There are cases where end-to-end encryption can not be used. Examples include paths which incorporate links within nations which restrict encryption, such as France or Australia, and paths which incorporate an amateur radio link, where encryption is prohibited. In these cases, link security is generally the only type of confidentiality available. The proposed TOS will provide a way of requesting the best that the network can do for the security of such unencrypted data.

This TOS is required for improved confidentiality, especially in cases where encryption can not be used, despite the fact that it does not provide the guarantees that many users would like.

See
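Section 1.1 rests on the fact that every IPv4 header, including the TOS byte and both addresses, travels in the clear even when the payload is end-to-end encrypted, and section 1.2 adds that a new TOS value is requested through that same RFC 1349 byte. The following Python is an added example, not part of RFC 1455 or its author's work: it packs and unpacks the RFC 1349 TOS byte (three precedence bits, four TOS bits, one must-be-zero bit), builds a minimal IPv4 header with a valid header checksum around a constructed opaque payload, and shows exactly which fields a passive observer on the wire can still read. The four RFC 1349 TOS values are real; `TOS_LINK_SECURITY_PLACEHOLDER` is an assumed placeholder because the bit pattern RFC 1455 assigns is not reproduced on this page, and the addresses, identification value and payload bytes are constructed for the example.

```python
"""Added example (not from RFC 1455): RFC 1349 TOS byte encoding and the
IPv4 header fields that remain visible to an observer of encrypted traffic."""
import ipaddress
import struct

# RFC 1349 layout of the IPv4 Type of Service byte:
#   bits 0-2 precedence, bits 3-6 the 4-bit TOS field, bit 7 must be zero (MBZ).
# The four TOS values below are the ones RFC 1349 defines.
TOS_NORMAL = 0b0000
TOS_MIN_DELAY = 0b1000
TOS_MAX_THROUGHPUT = 0b0100
TOS_MAX_RELIABILITY = 0b0010
TOS_MIN_COST = 0b0001
# RFC 1455 adds a value requesting maximum physical link security. Its actual
# bit pattern is not reproduced on this page, so this constant is an ASSUMED
# placeholder for illustration only, not the RFC's assignment.
TOS_LINK_SECURITY_PLACEHOLDER = 0b1111


def pack_tos(precedence, tos):
    """Pack a 3-bit precedence and a 4-bit TOS value into the IPv4 TOS byte."""
    if not 0 <= precedence <= 7 or not 0 <= tos <= 15:
        raise ValueError("precedence must be 0..7 and tos 0..15")
    return (precedence << 5) | (tos << 1)  # lowest bit is MBZ


def unpack_tos(byte):
    """Return (precedence, tos, mbz) from an IPv4 TOS byte."""
    return byte >> 5, (byte >> 1) & 0xF, byte & 1


def ipv4_checksum(header):
    """Ones'-complement sum of 16-bit words; yields 0 for a header whose
    checksum field is already correct."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src, dst, tos_byte, proto, payload, ident=0x1234, ttl=64):
    """Build an option-less IPv4 packet with a correct header checksum."""
    ver_ihl = (4 << 4) | 5  # IPv4, 5 words = 20-byte header
    hdr = struct.pack("!BBHHHBBH4s4s", ver_ihl, tos_byte, 20 + len(payload),
                      ident, 0, ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + payload


def observer_view(packet):
    """Everything a passive observer reads from an IPv4 packet whose payload
    is opaque to it; the payload itself contributes only its length."""
    (ver_ihl, tos_byte, total_len, ident, _flags, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    hlen = (ver_ihl & 0xF) * 4
    precedence, tos, mbz = unpack_tos(tos_byte)
    return {
        "version": ver_ihl >> 4, "header_len": hlen,
        "precedence": precedence, "tos": tos, "mbz": mbz,
        "total_len": total_len, "id": ident, "ttl": ttl, "protocol": proto,
        "checksum_ok": ipv4_checksum(packet[:hlen]) == 0,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "payload_bytes": len(packet) - hlen,
    }


# Constructed sample: 32 opaque bytes standing in for an encrypted payload,
# carried as IP protocol 50 (ESP) and marked with the placeholder TOS.
OPAQUE_PAYLOAD = bytes.fromhex("9f3c1ab2770e4d5c61aa0fe3b8c2d4e5"
                               "00112233445566778899aabbccddeeff")
PACKET = build_ipv4("10.0.0.1", "192.0.2.7",
                    pack_tos(0, TOS_LINK_SECURITY_PLACEHOLDER),
                    50, OPAQUE_PAYLOAD)

if __name__ == "__main__":
    for field, value in observer_view(PACKET).items():
        print("%14s: %s" % (field, value))
```

The observer never needs the key: source, destination, protocol, length, TTL and the TOS request itself are all plainly readable, which is the traffic-analysis exposure the RFC is describing. A request for secure links rides in the same visible byte as a request for low delay, so the TOS value announces to anyone on the path that the sender considers the traffic sensitive.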