[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposal: Perfect forward secrecy a MUST

To: Ashar.Aziz@eng.sun.com (Ashar Aziz)
Subject: Re: Proposal: Perfect forward secrecy a MUST
From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 14 Dec 1994 17:35:07 -0500
Cc: ipsec@ans.net
In-Reply-To: Your message of "Wed, 14 Dec 1994 14:24:47 PST." <9412142224.AA00361@miraj.Eng.Sun.COM>
Reply-To: perry@imsi.com


Ashar Aziz says:
> Having open long-term open security associations with a large
> number of managed entities at the management station is not a 
> particularly inviting prospect, considering that rebooting
> a management entity requires re-establishing all those associations.

True as that is, rebooting a management station as it stands is a huge
problem. As an example, SPECTRUM from Cabletron takes quite a long
time to restart -- long enough that I am not sure anyone would notice
the association re-establishment time.

> I believe the proposal I made at the meeting comes close to this
> overhead.

I must admit to not having studied that portion of your proposal in
sufficient detail -- I ought to dig out my draft again.

Perry

References:

Re: Proposal: Perfect forward secrecy a MUST

From: Ashar.Aziz@eng.sun.com (Ashar Aziz)

Prev by Date: Kerberos and why I brought it up...
Next by Date: Re: Proposal: Perfect forward secrecy a MUST
Prev by thread: Re: Proposal: Perfect forward secrecy a MUST
Next by thread: Re: Proposal: Perfect forward secrecy a MUST
Index(es):
- Main
- Thread