
algorithm-independent




Hugo,

  The reference on "algorithm-independence" that you cite from
RFC-1825 has been misconstrued by you.  That reference only refers to
ESP and AH, with which it is cross-dependent.  As author of RFC-1825,
I can say this authoritatively.  I will attempt to recall the need to
clarify that language when RFC-1825 next comes up for review; do feel
free to remind me if I forget.

  To the best of my knowledge, the Photuris specification is not
intended to be completely algorithm-independent (however, I'm still
studying the Photuris draft and so I might be contradicted by some part
of the Photuris spec I misread or haven't yet read).  Photuris needs
to be interpreted within the context of the Photuris drafts, IMHO.  

  IMHO, if any IPsec key mgmt proposal were unable to distribute
keys/SAs for use with ESP/AH, then there would be an architectural
problem.  I don't believe Photuris has such a problem.  I haven't read
the latest SKIP draft in detail, but if the changes to SKIP I
anticipate were made in the current draft then SKIP no longer has that
particular problem.

Regards,

Ran
rja@cs.nrl.navy.mil