[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SIPP and SKIP. 2 subjects.
>From ipsec-request@ans.net Mon Aug 1 13:58:30 1994
>SKIP is a nice proposal as far as it goes, but neither it nor any of
>the other proposals I've seen thus far address the real issues.
>
>>From my own (different) perspective, the cryptographic details of any
>given key management system are the LEAST important problem. The most
>important problems are finding a common framework for negotiating
>which protocols are to be used, and a common framework for
>naming. Certainly one or possibly two strong protocols (a public key
>and a private key one might each be needed) for key management ought
>be standardized, but lets not kid ourselves into thinking we will be
>using the same ones in ten or fifteen years. New technologies are
>developed all the time, and tying ourselves for all time to a specific
>cryptographic algorithm is a big mistake (although it would also be a
>mistake not to try to get people to use a single standard today.) A
>good structure that lets us move forward when the time comes to do so
>is the real challenge. As defined, SKIP and all the rest don't provide
>an open framework -- most of them are very tied to specific
>cryptographic techniques.
Perry,
The last key-management scheme that I designed (with Whit Diffie)
attempted to negotiate several parameters of interest, key sizes
and encryption algorithms being some of them. (This was published
in "IEEE Personal Communications", Feb 94, and is also available on
the mobile-IP ftp site. This design was in the context of connection-
oriented wireless LAN protocols.)
In designing this scheme, one of the things that I came to
realize was that although one could negotiate many things easily,
the public-key algorithm in the certificate was not one of them.
Ultimately, certificates become part of the infrastructure, and
negotiating a different infrastructure is quite difficult in
practice.
Ashar.
Follow-Ups: