Re: IPSEC WORKING GROUP LAST CALL
> >>>>1. No data recovery of an encrypted IP datagram payload.
> >>>This is a feature, not a bug, by strong consensus...
> >>
> >>I understand this. I am certain that this requirement will not change for
> >>the foreseeable future, regardless of our consensus. I am also certain that
> >>this requirement can be met, in a manner that would satisfy our community...
> >
> >A significant fraction of the community will not be satisfied by any
> >protocol which incorporates key recovery. The objection is not to the
> >technical details of key recovery, but to its presence in any form.
> >
>
> My view is that it's just another tool to be used to solve certain types of
> problems. Whether you realize it or not, we have been outmaneuvered by other
> communities with different desires.
It's not really "outmaneuvered"; it's more like conceding the low-ground.
The only justification for key recovery in a communications product (as
opposed to a stored-data product) is to facilitate eavesdropping. We don't
want to "solve" that problem-- and in fact don't view lack of key recovery
as a problem in the first place!
Dan.