[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (IPng) Re: out-of-band key management

To: perry@imsi.com
Subject: Re: (IPng) Re: out-of-band key management
From: bound@zk3.dec.com
Date: Thu, 09 Mar 95 07:45:19 -0500
Cc: ashar@osmosys.incog.com (Ashar Aziz), ipng@sunroof.eng.sun.com, ipsec@ans.net, bound@zk3.dec.com
In-Reply-To: Your message of "Wed, 08 Mar 95 22:39:52 EST." <199503090341.AA05388@interlock.ans.net>


>Ashar Aziz says:
>> 
>> Ran,
>> 
>> Does this mean that you agree that the following text should be
>> taken out from Section 4 of the "IPv6 Security Architecture" document?
>> 
>>    "IPv6 is not intended to support so-called "in-band" key
>>    management, where the key management data is carried in a
>>    distinct IPv6 header.  Instead it will primarily use so-called
>>    "out-of-band" key management, where the key management data will
>>    be carried by an upper layer protocol such as UDP or TCP on some
>>    specific port number."

>I oppose the removal of the language. IPv6 and IPSP are NOT intended
>for "in-band" key management. The fact that you can get them to do it
>against the intentions of the designers does not change the intent and
>purpose of the original design. You have to live with that.

I think if in-band key management can be used it should be stated so in
the spec as any other option would be.

/jim

References:

Re: (IPng) Re: out-of-band key management

From: "Perry E. Metzger" <perry@imsi.com>

Prev by Date: Re: (IPng) Re: out-of-band key management
Next by Date: Clarification
Next by thread: Re: (IPng) Proposed Standard or no?
Index(es):
- Main
- Thread