
Re: IPSEC WORKING GROUP LAST CALL



> >>>>1. No data recovery of an encrypted IP datagram payload.
> >>>This is a feature, not a bug, by strong consensus...
> >>
> >>I understand this.  I am certain that this requirement will not change for 
> >>the foreseeable future, regardless of our consensus.  I am also certain that 
> >>this requirement can be met, in a manner that would satisfy our community...
> >
> >A significant fraction of the community will not be satisfied by any
> >protocol which incorporates key recovery.  The objection is not to the
> >technical details of key recovery, but to its presence in any form.
> >
> 
> My view is that it's just another tool to be used to solve certain types of 
> problems.  Whether you realize it or not, we have been outmaneuvered by other 
> communities with different desires.  

It's not really "outmaneuvered"; it's more like conceding the low-ground.
The only justification for key recovery in a communications product (as 
opposed to a stored-data product) is to facilitate eavesdropping. We don't
want to "solve" that problem-- and in fact don't view lack of key recovery
as a problem in the first place!

  Dan.


