[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re[2]: Diffie-Hellman (note by Hugo)
- Subject: Re[2]: Diffie-Hellman (note by Hugo)
- From: "Housley, Russ" <housley@spyrus.com>
- Date: Tue, 13 Dec 94 06:55:50
- Cc: ipsec@ans.net
- Encoding: 675 Text
> Let me both support and object. I support perfect forward secrecy for
> situations where secrecy is essential.
>
> I dont support perfect forward secrecy where authentication, and not
> secrecy, is the prime consideration. Like you said, it isn't free. If
> you dont want it, dont need it, you shouldn't have to pay for it. That
> is why I presented perfect forward secrecy as an option in my SKIP talk.
> There are many situations in the context of Internet applications where
> authentication (and not secrecy) is the prime issue.
I completely agree with Ashar. We should support forward secrecy as an option,
not as a builtin feature unavoidable.
Russ