[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPSEC WORKING GROUP LAST CALL

To: Alex Alten <Andrade@ix.netcom.com>
Subject: Re: IPSEC WORKING GROUP LAST CALL
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 22 Feb 1998 22:38:39 -0500
cc: ipsec@tis.com
In-reply-to: Your message of "Sun, 22 Feb 1998 17:13:05 PST." <3.0.3.32.19980222171305.0094a630@netcom.com>
Reply-To: perry@piermont.com
Sender: owner-ipsec@ex.tis.com

Alex Alten writes:
> IPSEC WG,
> 
> These are my main technical criticisms of the current set of IPSEC 
> documents.
> 
> 1. No data recovery of an encrypted IP datagram payload.
> 
>    Regardless of the merits of the design by not supporting this 
>    requirement it will probably kill IPSEC as a viable Internet 
>    standard.

"Data Recovery" would obviate the ability of IPSec to function as a
security standard, as if you can recover the data without recourse to
the cryptographic keys, you have not provided security.

> 3. IPSEC does not properly fit with the IP routing model.
> 
>    It force fits the concept of a security session (SA) onto the IP 
>    datagram routing model.

Huh?

Have you read the documents?

> 4. The design is too complex

Can you describe a simpler design than encapsulation?

.pm

References:

Re: IPSEC WORKING GROUP LAST CALL

From: Alex Alten <Andrade@ix.netcom.com>

Prev by Date: Re: key derivation for ESP Authentication Algorithm
Next by Date: Re: IPSEC WORKING GROUP LAST CALL
Prev by thread: Re: IPSEC WORKING GROUP LAST CALL
Next by thread: Re: IPSEC WORKING GROUP LAST CALL
Index(es):
- Main
- Thread