next up previous contents
Next: Authentication option Up: Proposed design Previous: Environment model

Security policy

This section outlines the main design goals for the client and server Telnet applications.

  1. The information must be protected in a way that resists both passive and active attacks (this applies when the proper security options are enabled).
  2. Only authorized clients shall be able to start a telnet session.
  3. The client must be able to authenticate the server.
  4. The server must be able to authenticate the client.
  5. An authorized client shall not be able to impersonate another authorized client.
  6. If the client or server has a strong random number generator, it must be possible to take advantage of the strong keys generated by this party.
  7. It should be possible to use the data integrity check without encrypting the data (some countries have restrictions on the use of encryption).
  8. The user of the client and the administrator of the server should be able to select what key certificates are accepted.
  9. The same session keys should never be used in different sessions. The same key should also be used only for a limited time period in a single session.



Asgaut Eng
Wed Apr 10 14:07:30 MET DST 1996