[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPv6 Security Last Call Initial Questions
> >I suspect Jim is right and there are many who share this position - i.e.
> >we need exportable version but hate to admit it since it's so crazy...
> 1) Exportable crypto is breakable crypto.
Small but critical correction: exportable _encryption_ is breakable.
And, I don't want us to standardize anything breakable.
BUT we can have strong exportable _authentication_ (this already exists in
products!).
My suggestion: standard complying should require only strong authentication;
encryption (strong or silly) should be only an option. Namely, ESP should not
be a requirement (for IPSP in IPv4 or for IPv6).
If one does implement ESP, I agree that strong encryption would be required.
Best, Amir
References: