[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject

To: Steve Kent <kent@bbn.com>
From: "Perry E. Metzger" <pmetzger@lehman.com>
Date: Tue, 01 Mar 1994 17:02:24 -0500
Cc: pmetzger@lehman.com, Phil Karn <karn@qualcomm.com>, iab-retreat@isi.edu, mobile-ip@ossi.com, ipsec@ans.net
In-Reply-To: Your message of "Tue, 01 Mar 1994 11:04:53 EST." <199403011621.LAA26467@lehman.com>
Reply-To: pmetzger@lehman.com


Steve Kent says:
> 	As for bulk encryoption, rather than end-to-end, that is the
> general form of what Phil seems to be arguing, i.e., that encryption
> of traffic between sites is easier than authentication implemented on
> an end system basis, because of reduced management burdens.  While
> that observation is true, the resulting functionality, is not the
> same, even if the inter-site encryption is accompanied by
> authentication at the same granularity.  For some contexts this
> approach could be quite effective, e.g., if one were atte,tping to
> build a private corporate Internet on top of a public Internet.
> However, in a more general environment, the wide range of
> communicating partners makes inter-site encryption less effective
> (compared to end-to-end authentication).

I see no reason to believe this, and good reason to believe the
contrary given good key management protocols.

Perry

Follow-Ups:

No Subject

From: Steve Kent <kent@BBN.COM>

Prev by Date: Re: swIPe stuff
Next by Date: Re: swIPe stuff
Prev by thread: No Subject
Next by thread: No Subject
Index(es):
- Main
- Thread