| |
A “security protocol” is a set of rules determining the steps and formats of security messages exchanged between at least two entities. As Radia Perlman says, “Network protocol design is not a nice, clean science, where what gets deployed is the best possible design. Instead, designs are influenced by issues such as politics, general confusion, and backward compatibility.”
Security protocols and standards are not an exception, often complex and hard to read materials. On the other hand, for interoperability reasons following them is often mandatory. We, as security practitioners, should learn how to use and even how to implement them. The goal of this chapter is to provide you a first step towards tackling this very often daunting task. More information is provided in your textbooks as well as in relevant RFC documents which can be reached at http://www.ietf.org/rfc.html. |
|
|
