[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (IPng) Proposed message on perfect forward security

"Housley, Russ" says:
> Amir says:
> > ... Let me clarify: I agree with most of Perry's reservations about SKIP
> > and in-line keying. But, I don't agree with his conclusion. SKIP and 
> > in-line keying give some unique advantages to certain valid scenarios. 
> > Therefore, it would be good to include them as options of our key 
> > management and encapsulation standards. Of course they should not be the
> > only mode or even the default, furthermore I'll agree to eliminate them
> > if we had a good reason (i.e. a big cost in efficiency, security, or 
> > complexity).
> Like Amir, I see no big deal supporting this as an option.  Let's stop 
> bickering and agree to an approach that supports both Photuris-like and 
> SKIP-like key management approaches.

I believe that for some time now it has been proposed that SKIP be
given one of the "reserved" SAID values and that things be left at
that. I don't see why this wouldn't be sufficient.