
Re: Manual keying and replay prevention and ISAKMP negotiation



In this case may I suggest we call it "externally generated keys" rather
than manual keys.  I believe this case, where there is some sort of
external mechanism (i.e. hardware, etc.) generating the keys, is compatible
with Cisco's views, as opposed to (old-style humans-type-them-in) manual
keying.

>Date: Fri, 4 Apr 1997 15:06:56 -0500
>From: ho@earth.hpc.org (Hilarie Orman)
>To: rodney@sabletech.com
>Cc: ipsec@tis.com
>Subject: Re: Manual keying and replay prevention and ISAKMP negotiation
>Sender: owner-ipsec@ex.tis.com
>
>There are two types of manual keying.  The AH and ESP implementations must
>be able to work in the absence of any keying protocols at all. That's
>why the drafts mention manual keying: it's all you can count on without
>a key exchange protocol.
>
>The ISAKMP/Oakley manual keying is for a different case.  If one party
>has a key generated by a method that he is especially fond of
>(e.g. hardware), he can securely transmit it to another party and
>assign it to an SA.
>
>Hilarie

