[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Slicing and Dicing in new-esp
In the implementors meeting we agreed that the key management layer will create for the
transform a minimum number of bits of key material specified by the transform. We shouldn't
have a problem anymore.
-Rob
----------
From: Hilarie Orman[SMTP:ho@earth.hpc.org]
Sent: Friday, April 11, 1997 2:25 PM
To: mcr@sandelman.ottawa.on.ca
Cc: ipsec@tis.com
Subject: Re: Slicing and Dicing in new-esp
> My understanding is that this won't happen: the key management
> daemon can produce as many bits as needed for the security bundle.
I hope it won't happen.
The key management can produce as many bits of entropy as are needed
for the security bundle; whether or not it presents that entropy in a
string with as many bits as the security bundle desires is less clear.
If it does produce the correct number of bits, then it might as well
present them pre-sliced, it seems to me. If the transforms still wish
to twiddle the bits, they can do so.
Hilarie