[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Slicing and Dicing in new-esp

To: "mcr@sandelman.ottawa.on.ca" <mcr@sandelman.ottawa.on.ca>, "'Hilarie Orman'" <ho@earth.hpc.org>
Subject: RE: Slicing and Dicing in new-esp
From: Rob Adams <adams@cisco.com>
Date: Sat, 12 Apr 1997 11:14:13 -0700
Cc: "ipsec@tis.com" <ipsec@tis.com>
Sender: owner-ipsec@ex.tis.com

In the implementors meeting we agreed that the key management layer will create for the
transform a minimum number of bits of key material specified by the transform.   We shouldn't
have a problem anymore. 

-Rob

----------
From: 	Hilarie Orman[SMTP:ho@earth.hpc.org]
Sent: 	Friday, April 11, 1997 2:25 PM
To: 	mcr@sandelman.ottawa.on.ca
Cc: 	ipsec@tis.com
Subject: 	Re: Slicing and Dicing in new-esp 

> My understanding is that this won't happen: the key management
> daemon can produce as many bits as needed for the security bundle.

I hope it won't happen.

The key management can produce as many bits of entropy as are needed
for the security bundle; whether or not it presents that entropy in a
string with as many bits as the security bundle desires is less clear.

If it does produce the correct number of bits, then it might as well
present them pre-sliced, it seems to me.  If the transforms still wish
to twiddle the bits, they can do so.

Hilarie

Prev by Date: Re: IPSec MIB
Next by Date: IPComp presentation URL
Prev by thread: Re: Slicing and Dicing in new-esp
Next by thread: Re: Slicing and Dicing in new-esp
Index(es):
- Main
- Thread