[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SKIP: Interoperability proposal

To: "PALAMBER.US.ORACLE.COM" <PALAMBER@us.oracle.com>
Subject: Re: SKIP: Interoperability proposal
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 10 Nov 1995 21:49:24 -0500
Cc: ipsec@ans.net
In-Reply-To: Your message of "10 Nov 1995 10:38:40 PST." <199511101953.AA05644@interlock.ans.net>
Reply-To: perry@piermont.com

"PALAMBER.US.ORACLE.COM" writes:
> SKIP is part of IPSEC.

Thats news to me. The IPSEC documents don't mention SKIP anywhere. I
know -- I was one of the people that edited and wrote them.

> The SKIP implementors and editor are working hard at making SKIP
> compatable with AH/ESP.

Thats a different story. However, so far as I can tell, its not
possible. A SKIP implementation necessarily is not compatible with the
base transforms in IPSEC or with the way IPSEC modularly handles key
negotiation. The only reason I can see that the SKIP people want to
move to similar formats is so that they can claim in the press that it
has something to do with IPSEC.

> It does represent an alternative to the original working group
> concept of only supporting an application layer key management
> protocol.

Actually, we didn't speak of only supporting application layer or
allowing other things. However, the SKIP model is so totally different
from the IPSEC model that they bear no resemblance.

I'm not saying that the folks doing SKIP work should stop. However,
they shouldn't claim its IPSEC related. It really isn't.

Perry

References:

Re: SKIP: Interoperability proposal

From: "PALAMBER.US.ORACLE.COM" <PALAMBER@us.oracle.com>

Prev by Date: Re: naming and terminology
Next by Date: Re: naming and terminology
Prev by thread: Re: SKIP: Interoperability proposal
Next by thread: Re: SKIP: Interoperability proposal
Index(es):
- Main
- Thread