RFC 1455 (rfc1455) - Page 2 of 6
Physical Link Security Type of Service
RFC 1455 Link Security TOS May 1993
It is essential that routers have access to header information, so it
is hard to protect traffic statistics from an adversary with inside
access to the network. However, use of more secure physical links
will make traffic observation by entities outside of the network more
difficult, thus improving protection from traffic analysis.

No doubt users would like to be able to request a guaranteed level of
link security, just as they would like to be able to request a
guaranteed bandwidth or delay through the network. However, such
guarantees require a resource reservation and/or policy routing
scheme and are beyond the scope of the current IP Type of Service
facility.

Although the TOS field is provided in all current Internet packets
and routing based on TOS is provided in routing protocols such as
OSPF [See 5,6,7], there is no realistic chance that all of the
Internet will implement this additional TOS any time in the
foreseeable future. Nevertheless, users concerned about traffic
analysis need to be able to request that the physical security of the
links over which their packets will pass be maximized in
preference to other link characteristics. The proposed TOS provides
this capability.

1.2 Confidentiality

Use of physical links with greater physical security provides a layer
of protection for the confidentiality of the data in the packets as
well as traffic analysis protection. If the content of the packets
is otherwise protected by end-to-end encryption, using secure links
makes it harder for an external adversary to obtain the encrypted
data to attack. If the content of the packets is unencrypted plain
text, secure links may provide the only protection of data
confidentiality.

There are cases where end-to-end encryption can not be used.
Examples include paths which incorporate links within nations which
restrict encryption, such as France or Australia, and paths which
incorporate an amateur radio link, where encryption is prohibited.
In these cases, link security is generally the only type of
confidentiality available. The proposed TOS will provide a way of
requesting the best that the network can do for the security of such
unencrypted data.

This TOS is required for improved confidentiality, especially in
cases where encryption can not be used, despite the fact that it does
not provide the guarantees that many users would like. See
discussion at the end of the Traffic Analysis section above.
Eastlake