
Re: (IPng) Re: Proposed message on perfect forward security

Dan Nessett says:
> Ran has recently sent out an email message stating that he will modify the
> security I-D to clarify that the IANA will control the range of reserved
> SAIDs. I think that is helpful. However, the draft still deprecates the
> use of in-band keying. Why?

Not "deprecates". "Is not intended for".

The point is this. IPSP was not intended for this use. See that big 32
bit SAID? Well, if we were to use SKIP, that whole field would be a
waste of space. If we had expected to use SKIP, it never would have
been there. See those transforms we spent huge amounts of time
discussing? Well, SKIP uses none of them, so they were a waste of time
too. In fact, SKIP could just as well use some other packet type --
nothing in IPSP is of *any* use to SKIP. That's why the language is
there. Using SKIP inside IPSP is a kludge. If we really wanted to use
SKIP, this wouldn't be the standard on top of which to build it.

> However, if pursuing this issue is seen by the long term participants of the
> IPng working group as counter-productive, then I will retire. I thought this
> was supposed to be an open process.

I believe the arguments have become repetitive at this point.