[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPsec near term work



One of the reasons I've been putting off key management is a (sigh)
familiar and thorny one to many of us: the public key patents and the
politics surrounding them. I doubt I'm the only one.

Everybody knows that the only truly practical way to do an IP key
management protocol is with public key cryptography, but the sorry
history of PEM isn't much cause for hope. Much of the Internet's
success comes from its "let a thousand flowers bloom" philosophy, but
so far those who control RSA haven't seen fit to legitimize this
approach.

Indeed, what is arguably now the best and most successful Internet
implementation of RSA (PGP) was done in direct defiance of the patents
and at considerable personal risk.  A level of risk I would rather not
assume myself, much less force others to assume.

Will we have to wait until 1997 (when Diffie Hellman expires) or 2000
(when RSA expires) to do anything with IP security beyond manual
single-key cryptography? Is anyone willing to tackle this issue?

Phil



Follow-Ups: References: