[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (IPng) Re: Proposed message on perfect forward security


bound@zk3.dec.com says:
> 3.  Can't we discuss this without mention of SKIP so that we can
>     make sure either in-band or out-band can be used?

The problem is that SKIP is the only proposal we've had thats of this
form. Given that, its very difficult to discuss this in the general
case -- I'm not even sure what the "general case" would look like. My
suspicion is that other similar techniques would use very different
machinery. SKIP, as it is, cannot reuse any of the standard IPSP
machinery -- it needs its own transforms, its own hooks to the key
management layer, etc. I'm not sure that other similar techniques
could share any of SKIP's machinery, and I'm not sure at all that
there is a "general case" here to discuss. Therefore, I prefer to keep
discussion concrete and focus on SKIP.