[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re[2]: ISAKMP performance

To: David Jablon <dpj@world.std.com>
Subject: Re: Re[2]: ISAKMP performance
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
Date: Thu, 17 Jul 1997 17:06:46 -0400
Address: 1 Amherst St., Cambridge, MA 02139
Cc: "Theodore Y. Ts'o" <tytso@MIT.EDU>, Daniel Harkins<dharkins@cisco.com>, andrade@netcom.com, norm@tor.securecomputing.com, pcalhoun@usr.com, ipsec@tis.com
In-Reply-To: David Jablon's message of Wed, 16 Jul 1997 23:06:46 -0400,<3.0.1.16.19970716230646.0aa75f70@world.std.com>
Phone: (617) 253-8091
Sender: owner-ipsec@ex.tis.com

   Date: Wed, 16 Jul 1997 23:06:46 -0400
   From: David Jablon <dpj@world.std.com>

   But it's not necessarily a good reason.  There are much stronger
   methods, such as password-authenticated Diffie-Hellman exchanges
   EKE, SPEKE, etc.  

Small Diffie-Hellman moduli are easily broken. 

However, discussion of these topics aren't really germane to the ipsec
working group, so I suggest we take this discussion elsewhere.

Discussion of the possibility of designing some other key management
protocol for ipsec is (barely) in order, although at this point if this
discussion gets extensive Bob and I would probably recommend starting a
separate working group to avoid bogging down existing efforts.

						- Ted

Follow-Ups:

Re: Re[2]: ISAKMP performance

From: Robert Moskowitz <rgm3@chrysler.com>

References:

Re: Re[2]: ISAKMP performance

From: David Jablon <dpj@world.std.com>

Prev by Date: format of name ID's in ISAKMP IP DOI
Next by Date: Re: Re[2]: ISAKMP performance
Prev by thread: Re: Re[2]: ISAKMP performance
Next by thread: Re: Re[2]: ISAKMP performance
Index(es):
- Main
- Thread