[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (IPng) Proposed message on perfect forward security

To: "Housley, Russ" <housley@spyrus.com>
Subject: Re: (IPng) Proposed message on perfect forward security
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 14 Mar 1995 19:35:39 -0500
Cc: ipsec@ans.net
In-Reply-To: Your message of "Tue, 14 Mar 1995 15:27:58." <199503142351.AA03622@interlock.ans.net>
Reply-To: perry@imsi.com


"Housley, Russ" says:
> 
> Amir says:
> > ... Let me clarify: I agree with most of Perry's reservations about SKIP
> > and in-line keying. But, I don't agree with his conclusion. SKIP and 
> > in-line keying give some unique advantages to certain valid scenarios. 
> > Therefore, it would be good to include them as options of our key 
> > management and encapsulation standards. Of course they should not be the
> > only mode or even the default, furthermore I'll agree to eliminate them
> > if we had a good reason (i.e. a big cost in efficiency, security, or 
> > complexity).
> 
> Like Amir, I see no big deal supporting this as an option.  Let's stop 
> bickering and agree to an approach that supports both Photuris-like and 
> SKIP-like key management approaches.

I believe that for some time now it has been proposed that SKIP be
given one of the "reserved" SAID values and that things be left at
that. I don't see why this wouldn't be sufficient.

.pm

References:

Re: (IPng) Proposed message on perfect forward security

From: "Housley, Russ" <housley@spyrus.com>

Prev by Date: Comments from Paul Van Oorschot
Next by Date: Re: (IPng) Re: Proposed message on perfect forward security
Prev by thread: Re: (IPng) Proposed message on perfect forward security
Next by thread: Diffie's comments on Photuris
Index(es):
- Main
- Thread