[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: comments on Photuris

To: hugo@watson.ibm.com
Subject: Re: comments on Photuris
From: Phil Karn <karn@unix.ka9q.ampr.org>
Date: Tue, 21 Feb 1995 02:08:36 -0800
Cc: ipsec@ans.net
In-Reply-To: <199502151534.AA10009@interlock.ans.net> (hugo@watson.ibm.com)
Reply-To: karn@qualcomm.com

>I still prefer the option of signing nonces chosen by the other party.
>It is more secure (time sync considerations, granularity of frshness, etc.)

>However, for parties that periodically refresh their keys there is no reason
>not to maintain a nonce sent in the previous refreshment round; in that case

Suppose I add a rule to Photuris that says you should use an existing
SAID whenever possible to encrypt the exchanges that create a new
SAID. Would this give you some of the same sort of protection against
partial compromises that you get with explicit key refreshment?

Phil

References:

comments on Photuris

From: hugo@watson.ibm.com

Prev by Date: Re: comments on Photuris
Next by Date: Re: WG last call for IPv4 AH and ESP
Prev by thread: comments on Photuris
Next by thread: Re: comments on Photuris
Index(es):
- Main
- Thread