[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SKIP in IPSEC: is it really simple?

To: caronni@tik.ee.ethz.ch, rgm3@chrysler.com
Subject: SKIP in IPSEC: is it really simple?
From: HUGO@watson.ibm.com
Date: Thu, 12 Sep 96 14:52:47 EDT
Cc: skrenta@osmosys.incog.com, ipsec@TIS.COM
MMDF-Warning: Parse error in original version of preceding line at neptune.TIS.COM
Sender: ipsec-approval@neptune.tis.com

Ref:  Your note of Thu, 12 Sep 1996 19:03:02 +0200 (MET DST)

 > how do you plan to handle certificate expiry without shared time?

time for certificate expiration and time for freshness/anti-reply
in key exchange protocols are two very different issues.
The need for the first doesn't justify its use when generating
fresh session keys.

Hugo

Prev by Date: Re: SKIP in IPSEC: is it really simple?
Next by Date: Re: SKIP in IPSEC: is it really simple?
Prev by thread: Re: SKIP in IPSEC: is it really simple?
Next by thread: SKIP
Index(es):
- Main
- Thread