[sldev] Cryptographic signing of UDP packets

[Alissa Sabre]

> It was mentioned by Soft that adding a cryptographic hash/signature to
> each UDP packet was on the way, and given that the last 2 security
> updates were both UDP packet injection issues this could be a very
> good thing, but there may be unforced pitfalls and this is not in
> anyway aimed at LL, but its easy to balls up cryptography

When I read this, several thoughts came into my mind.  In short, what
I want to say is: Why not IPsec?

Why designing a new protocol?  Reading discussion following the
Robin's message made me believe that IPsec just fits.  What SL
requirement is not fulfilled by IPsec features?  What is the problem
of using IPsec?  A great advantage of IPsec is that it is available on
all SL-supported OS's.

Another advantage of using IPsec is that we can get hardware
acceleration.  There are a lot of so-called enterprise-class Ethernet
cards that can encipher/decipher IPsec datagram on the cards.  Another
example is VIA's low-cost CPUs that come with encryption-accelerator
and their IPsec driver makes use of it.  All of these things are
possible that IPsec is an OS feature, and the hardware vendors can
provide encryption drivers.  I don't think they provides ones for SL
viewer-specific API.

Yet more.  Authenticating a large number of small isolated data is
technically difficult.  Authentication of IP datagram just falls into
this.  IPsec people made a great effort to build a stable framework.
I don't think LL engineers can do it better.

And lastly, I remember that, in early days of SLDev list, Rob Linden
repeatedly wrote "don't reinvent the wheel."  I generally agree on the
policy.  (Although those days, he generally said so to deny opensource
developers' idea...)

    Alissa Sabre
--------------------------------------
Power up the Internet with Yahoo! Toolbar.
http://pr.mail.yahoo.co.jp/toolbar/