[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SIPP and SKIP. 2 subjects.
On Aug 1, 1:47pm, Steve Kent wrote:
> Subject: Re: SIPP and SKIP. 2 subjects.
> Jim,
> I'm not sure that merits being identified as a different version of IPSP.
Yes, what I have described is indeed not a version "of the encapsulation". I am
not being trivial in using this important field.
Let me start again by withdraw my suggestion as being "without foundation".
I like SKIP and assume that it may be usable to get IP security into the field
real quick.
I also assume that we will have explicit authentication for future flexibility.
2 questions.
1) Do you envision that there will be 2 methods (implicit and
explicit) of key establishment?
2) If so, how do I determine the key management method?
(Let me ponder the possibilities.... The SAID is indeed the -only- field other
than the version that is defined. The SAID field is flat and has no meaning at
this time. I guess that a value of 0 could mean implicit key exchange? If you
get a bad SAID, you could do implicit key management? Hmm.)
I would like to hear 2 arguments. If you think question 1 is false, chime in.
If you think the answer to 1 is true, please tell me how it is to interoperate
in an internet that contains both implicit and explicit key management.
I await your response.
jim
Follow-Ups: