[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: >IPSEC Charter - New Dra

To: Steve Kent <kent@BBN.COM>
Subject: Re: >IPSEC Charter - New Dra
From: "Perry E. Metzger" <pmetzger@lehman.com>
Date: Mon, 07 Feb 1994 12:13:59 -0500
Cc: ipsec@ans.net
In-Reply-To: Your message of "Mon, 07 Feb 1994 12:00:07 EST." <199402071707.MAA18850@lehman.com>
Reply-To: pmetzger@lehman.com


Steve Kent says:
> Perry,
> 
> 	The secure communication a user would establish with the local
> router via a IPSP would provide authentication, but would not allow
> the router to convince other routers, much less other autonomous
> systems, that the mopbile host in question was present.

Fine -- but the host could convince other routers. In any case, the
key management can be the same.

> The requirement here is for a timely, non-repudiable statement of
> connectivity of bounded duration, authored by the host.

Either that, or the remote routers could simply exchange some bytes
with the host itself. Any really good protocol is going to be
challenge response anyway, so the hosts might as well just set up a
swIPe or similar connection with the the remote routers and exchange a
few bytes if need be. The infrastructure can all be the same.

Perry

Follow-Ups:

Re: >IPSEC Charter - New Dra

From: Steve Kent <kent@BBN.COM>

Prev by Date: Re: IPsec near term work
Next by Date: Re: >IPSEC Charter - New Dra
Prev by thread: Re: >IPSEC Charter - New Dra
Next by thread: Re: >IPSEC Charter - New Dra
Index(es):
- Main
- Thread