
Re: (IPng) Re: out-of-band key management




Ashar Aziz says:
> 
> Ran,
> 
> Does this mean that you agree that the following text should be
> taken out from Section 4 of the "IPv6 Security Architecture" document?
> 
>    "IPv6 is not intended to support so-called "in-band" key
>    management, where the key management data is carried in a
>    distinct IPv6 header.  Instead it will primarily use so-called
>    "out-of-band" key management, where the key management data will
>    be carried by an upper layer protocol such as UDP or TCP on some
>    specific port number."

I oppose the removal of the language. IPv6 and IPSP are NOT intended
for "in-band" key management. The fact that you can get them to do it
against the intentions of the designers does not change the intent and
purpose of the original design. You have to live with that.

Perry

