[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on draft-ietf-ipsec-ike-01.txt

To: <dharkins@network-alchemy.com>, <skelly@redcreek.com>
Subject: Re: Comments on draft-ietf-ipsec-ike-01.txt
From: "Hilarie Orman" <HORMAN@novell.com>
Date: Fri, 04 Jun 1999 17:58:42 -0600
Cc: <ipsec@lists.tislabs.com>, <pkoning@xedia.com>
Sender: owner-ipsec@lists.tislabs.com

Wouldn't it be valid for local policy to preclude disclosing
the fact of particular crypto capabilities in some
contexts?

I tend towards the idea that the policy specifiers should
say which offers are valid in which contexts; the
advice to "lean towards stronger crypto" should fall
on their ears.

I also feel queasy about the assumption that there is a
monotone relation between a parameter and the crypto
strength.  Embodying this interpretation in IKE might
be the sort of thing that returns to haunt.

Hilarie

Prev by Date: Re: Comments on draft-ietf-ipsec-ike-01.txt
Next by Date: Re: Comments on draft-ietf-ipsec-ike-01.txt
Prev by thread: Re: Comments on draft-ietf-ipsec-ike-01.txt
Next by thread: Re: Comments on draft-ietf-ipsec-ike-01.txt
Index(es):
- Main
- Thread