[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 40bit DES?

To: Paul Koning <pkoning@xedia.com>
Subject: Re: 40bit DES?
From: Robert Moskowitz <rgm-sec@htt-consult.com>
Date: Wed, 13 May 1998 11:35:43 -0400
Cc: ipsec@tis.com
In-Reply-To: <199805131523.LAA11234@tonga.xedia.com>
References: <9805122209.AA30010@ornavella.watson.ibm.com><3.0.5.32.19980513000415.0096f700@homebase.htt-consult.com>
Sender: owner-ipsec@ex.tis.com

At 11:23 AM 5/13/98 -0400, Paul Koning wrote:
>
>Perhaps the intent is to weaken the ISAKMP SA, so you can read the
>quick mode exchanges?  Sounds like a good argument to turn on PFS.

Good for you!

Yes we are dealing with a full security system here with lots of knobs that
very few know how to turn.  The policy makers will be unable to understand
this and in the end will lose out.  Unfortunately, the spooks know and if
they educate the policy makers our job gets harder.

Basically all of this 40bit discuss is mute.  The IETF can say what it
wants and the vendors will do what they believe will sell.

I am much more concerned with any ill-conceived key recovery plan than a
device that supports 40 bit DES.

Robert Moskowitz
ICSA
Security Interest EMail: rgm-sec@htt-consult.com

References:

Re: 40bit DES?

From: Ran Canetti <canetti@watson.ibm.com>

Re: 40bit DES?

From: Robert Moskowitz <rgm-sec@htt-consult.com>

Re: 40bit DES?

From: Paul Koning <pkoning@xedia.com>

Prev by Date: Re: 40bit DES?
Next by Date: RE: 40bit DES? & IBM Patents
Prev by thread: Re: 40bit DES?
Next by thread: RE: 40bit DES?
Index(es):
- Main
- Thread