[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ADMIN: Straw Poll Results on Key Mgmt

To: ipsec@ans.net
Subject: Re: ADMIN: Straw Poll Results on Key Mgmt
From: Theodore Ts'o <tytso@MIT.EDU>
Date: Tue, 13 Feb 1996 13:44:33 -0500
Address: 1 Amherst St., Cambridge, MA 02139
Cc: ipsec@ans.net
In-Reply-To: William Allen Simpson's message of Tue, 13 Feb 96 15:09:46 GMT,<4825.bsimpson@morningstar.com>
Phone: (617) 253-8091
Reply-To: ipsec@ans.net
Sender: ipsec-owner@ans.net

Bill, 
	The requirement which Ran is referring to in RFC-1825 is that
the key management protocol must be able to negotiate all of the
parameters which may be associated with a security association, as found
in section 1.4 of RFC-1825.  This includes Encryption Algorith, Security
Association Lifetime, and sensitivity label.  In other words, those
things addressed by Schertler's ISAKMP protocol.

	Right now we have a number of differnet proposals on the table,
none of which completely meet all of the original requirements.
However, it wouldn't be that hard to fix this; it wouldn't be hard for
SKIP to add PFS, or Photoris to add support for full Security
Association attributes negotiation, etc.  Instead of bickering around
playing procedural games and raising meta-issues, if the various people
who are proposing key management protocols to this wg simply sat down
and did the work to meet all of the requirements as originally specified
by this wg, we could be done in relatively short order.  I really don't
think it's all that hard for any of the proposals currently on the
table.

							- Ted

References:

Re: ADMIN: Straw Poll Results on Key Mgmt

From: "William Allen Simpson" <bsimpson@morningstar.com>

Prev by Date: ICMP messages
Next by Date: Re: (mobile-ip) MD5 Key recovery attack
Prev by thread: Re: ADMIN: Straw Poll Results on Key Mgmt
Next by thread: Re: ADMIN: Straw Poll Results on Key Mgmt
Index(es):
- Main
- Thread