[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (IPng) in-band key mgmt, IPV6, export issues, DES hardware
> From rja@bodhi.itd.nrl.navy.mil Fri Mar 10 06:22:03 1995
> To: ipng@sunroof.Eng.Sun.COM, ipsec@ans.net
> Subject: Re: (IPng) in-band key mgmt, IPV6, export issues, DES hardware
> Mime-Version: 1.0
>
> Folks,
>
> 1) The IPv6 specs do NOT "clearly state that in-band cannot be used
> for IPv6".
>
> The IPv6 specs merely state that the IPv6 security specs were "not
> intended for use with in-band" key management. In-band clearly works
> as has been described by Ted T'so and others. Even the in-band
> advocates believe that it will using the technique that Ted has
> described. Within an IETF spec, things that are not explicitly
> prohibited using "MUST NOT" language are permitted. There is no
> language that I am aware of that says one "MUST NOT" use in-band key
> management or even says one "SHOULD NOT" use in-band key management.
> There is a difference between what the designer intended and what
> is possible and permitted.
Ran,
Given your agreement that IPv6 can be used to support in-band keying, what
is your objection to removing the paragraph that states it is "not intended"
to do so?
Dan