
Re: forward secrecy




Hilarie Orman writes:
> SKIP will probably be acceptable to some user communities.  Its
> statelessness and resulting protocol simplicity are certainly pleasing.
> But, I don't think that the schism over the threat model is going to
> disappear through persuasion, so unless a third approach emerges, combining
> PFS and statelessness, I doubt that there will be a way to satisfy all
> parties.

I'd like to note, as I periodically do, that SKIP is in no way
actually stateless. That's just marketing hype by Ashar. In order to
use a SKIP datagram in any real system you are going to have to get
keys from a keyserver, thus almost completely obviating the claimed
advantages of SKIP.

You can, of course, operate SKIP with statically configured keys --
but in that case why not just run ESP and AH with statically
configured keys and get rid of the overhead?

Perry

