[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Modular approach to key management




Juan A. Garay Says:

     Our proposal doesn't force a user to use the "lower" module, thru 
     which short-lived keys are derived . However, distributing keys thru 
     the means mentioned above is more expensive, and we believe ipsec has 
     to provide a more modular and efficient option. Our proposal 
     accommodates this situation.

But, the proposal suggests that we start by standardizing the lower module. 
In my opinion, the upper module is the one that needs our attention.  The 
upper module is the one that uses key distribution centers, 
certificate-based key management, or manual key management.

Russ