[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Emphasizing Key Mgmt

To: ipsec@ans.net
Subject: Re: Emphasizing Key Mgmt
From: Russ_Housley.McLean_CSD@xerox.com
Date: Fri, 4 Feb 1994 06:10:23 PST
In-Reply-To: <9402031721.AA12153@tri-flow.ftp.com.ftp.com>

Steve:

I strongly encourage you to leave IPSEC whole.

The present charter says that the IPSP will eb done first, then the Key
Management work will be done.  This meets the "serialized: concern reaised by
Frank Kastenholz.

As I have stated many times on this list, key management has four phases:
	1.  Generate key
	2.  Negotiate attributes
		/* We call a key bound with its attributes a security
association */
	3.  Use the security association
	4.  Delete the security association
Step 2 cannot be described is sufficient detail for implementation until you
know ehich attributes are needed by IPSP.

Russ

References:

Re: Emphasizing Key Mgmt

From: kasten@tri-flow.ftp.com (Frank Kastenholz)

Prev by Date: Re: IPsec near term work
Next by Date: Re: IPsec near term work
Prev by thread: Re: Emphasizing Key Mgmt
Next by thread: Re: >IPSEC Charter - New Dra
Index(es):
- Main
- Thread