Re: is manual keying mandatory

[Robert Moskowitz <rgm-sec@htt-consult.com>]

At 06:44 PM 3/18/98 -0500, Bill Sommerfeld wrote:
>I feel strongly that manual keying should continue to be a MUST.

I also feel it should remain a MUST.

>There are going to be some times when the full complexity of ISAKMP
>won't be necessary; having manual keying universally available will
>improve interoperability and configurability in those situations...

I was jsut talking to Rodney about this.  There will be other KMPs, like
smartcards injecting session keying material based on barometric pressure
or some such.

>It also leaves makes more room for experimentation with new key
>management techniques, since a new key management system can be
>grafted on through the "manual" key management interface.

There will be business requirements that will leverage off of this.
Perhaps an imbedded system might only do manual keys, so the workstation
that talks to that system (say a pacemaker, how is that for an 'imbedded
system') will also need to support manual keys.

>It's also useful in testing to ensure that the transforms, etc., are
>in a position to really reject things like weak keys.

probably the only way to test weak keys code paths.


Robert Moskowitz
ICSA
Security Interest EMail: rgm-sec@htt-consult.com

---

References:

• Re: is manual keying mandatory
• From: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>

---

• Prev by Date: Re: is manual keying mandatory (fwd)
• Next by Date: Re: is manual keying mandatory
• Prev by thread: Re: is manual keying mandatory
• Next by thread: Re: is manual keying mandatory
• Index(es):
  • Main
  • Thread