[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Modular approach to key management
Juan A. Garay Says:
Our proposal doesn't force a user to use the "lower" module, thru
which short-lived keys are derived . However, distributing keys thru
the means mentioned above is more expensive, and we believe ipsec has
to provide a more modular and efficient option. Our proposal
accommodates this situation.
But, the proposal suggests that we start by standardizing the lower module.
In my opinion, the upper module is the one that needs our attention. The
upper module is the one that uses key distribution centers,
certificate-based key management, or manual key management.
Russ