[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ESP revisions straw poll

To: Stephen Kent <kent@bbn.com>
Subject: Re: ESP revisions straw poll
From: Bill Sommerfeld <sommerfeld@apollo.hp.com>
Date: Fri, 16 May 1997 14:43:19 -0400
Cc: ipsec@tis.com
In-Reply-To: kent's message of Fri, 16 May 1997 13:50:09 -0400. <v0300780eafa24d6c0ced@[128.89.0.110]>
Sender: owner-ipsec@ex.tis.com

[Maybe I'm just being dense, but there seems to be very broad consensus
here against authentication-only ESP..]

Steve,

Thank you, it turns out that we are closer to agreement than I
thought.

Now, it may look to some like I'm caving in to the U.S. export control
folks here, but no, I'm just being pragmatic about trying to get as
much of the functionality deployed as quickly as possible.

Pragmatically, there are going to be folks who are interested in
deploying *subsets* of ipsec; in particular, an authentication-only
implementation which leaves out bulk confidentiality services.

My sense is that it will be easier to get export approval for an
implementation which leaves out ESP entirely instead of one which
"dumbs it down" by making it authentication-only, but like I said,
given the subjective nature of the export control process it may well
depend on how well you present your case to the gov't.

In any event, not having to worry about authentication-only ESP would
certainly make it easier to manage a "dual mode" source base..

					- Bill

References:

Re: ESP revisions straw poll

From: Stephen Kent <kent@bbn.com>

Prev by Date: Re: ESP revisions straw poll
Next by Date: RE: Clarification and a single SA
Prev by thread: Re: ESP revisions straw poll
Next by thread: Re: ESP revisions straw poll
Index(es):
- Main
- Thread