[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (IPng) Re: Proposed message on perfect forward security

To: ipng@sunroof.eng.sun.com
Subject: Re: (IPng) Re: Proposed message on perfect forward security
From: ashar@osmosys.incog.com (Ashar Aziz)
Date: Thu, 16 Mar 1995 10:24:24 -0800
Cc: ipsec@ans.net


> From: "Theodore Ts'o" <tytso@MIT.EDU>
> Well, that suggests one possible compromise --- which is that draft is
> modified to remove the comment deprecating in-band keying, but also
> stating that the intention is that the expectation is that the base
> level key exchange method will be using an out-of-band key exchange
> method.  
> 
> Is this something that everyone can live with?

Ted,

In the interest of bringing this unfortunately long debate
to an end, I will say "Yes". Not that this solution is ideal
from my perspective, but that it appears to be better than
the current situation.

I believe that the correct way to resolve this issue is to
actually build and deploy security/key-mgmt in the extremely
diverse environments/applications possible in the Internet,
and therefore to the extent that this permits experimentation
with alternative approaches, I am for it. Ultimately, as
we have all agreed, the market will decide the approach
it prefers.

Thanks, BTW for making a compromise proposal.

Kind regards,
Ashar.

Prev by Date: Re: (IPng) More Endpoint Attributes
Next by Date: Re: (IPng) Re: Proposed message on perfect forward security
Prev by thread: Re: (IPng) Re: Proposed message on perfect forward security
Next by thread: Re: (IPng) Re: Proposed message on perfect forward security
Index(es):
- Main
- Thread