[Info-vax] One possible market for VMS: secure credit card

Stephen Hoffman seaohveh at hoffmanlabs.invalid
Tue Mar 24 20:08:40 EDT 2015


On 2015-03-24 21:32:45 +0000, David Froble said:

> When I first took a look at OpenSSL, it was very confusing to me.  The 
> main reason is because whoever decided to implement it doesn't think 
> very much like me.  (Ok, get in your jabs now ...)

The OpenSSL API is certainly not the way I'd do it.   The LibreSSL fork 
<http://www.libressl.org> and some others are working on different 
implementations and APIs.  Apple has created their own transport 
library 
<https://developer.apple.com/library/ios/documentation/Security/Reference/secureTransportRef/index.html> 
for OS X and iOS.

Other pieces of this puzzle include CDSA and the general lack of any 
central certificate support on OpenVMS.

> If I was designing this stuff, I'd keep things separate.  
> Communications would be just that, communications.  Encryption also 
> would be self contained.  None of this mixing.  Nor do I have any idea 
> whether my method would have inherent security flaws.

Encryption and the network transport and the initial key-exchange 
negotiation are all aspects of the network connection, and each is 
necessary.   
<http://security.stackexchange.com/questions/65622/client-server-encryption-technique-explanation-tls-ecdhe-rsa-with-aes-128-gcm-s> 
 The negotiation — ECDHE, etc — and the encryption — AES-GCM, etc — are 
interlinked, and each has needed and will need updates as attacks 
evolve.   The newer encryption schemes implement what is called perfect 
forward security, which means that somebody that does eventually get 
access to the keys still can't easily recover the contents of 
previously-recorded encrypted comms.

> Now, if the encryption was a separate thing, DECnet, TCP/IP, and such 
> then would not need any security work.  It would be up to an 
> application to perform an encryption handshake, encrypt data, and the 
> communications would send and receive data, handshake, and such.

IPSec <https://en.wikipedia.org/wiki/IPsec> is all that and a bag of 
chips, at least with IP and DECnet over IP.  Alas, OpenVMS doesn't have 
that support yet.

> Maybe the above would be feasible for DECnet, since that most likely 
> would be VMS to VMS.

DECnet is a dead-end protocol, as much as I still find occasional use 
for it.  IP hasn't yet been integrated to the degree of DECnet.  If 
(when?) that integration happens within OpenVMS, I'd suspect most folks 
won't really miss DECnet all that much.

>  I fear it is not feasible for other communications, since the rest of 
> the world has already decided that communications and encryption will 
> be joined in a single product.

For now, that's usually SSL to start with, and hopefully eventually 
using IPSec.

> Nor am I averse to building encryption into DECnet, and other things. 
> I've learned to conform to the rest of the world ....
> 
> But not C ....

Rust?


-- 
Pure Personal Opinion | HoffmanLabs LLC