[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on draft-ietf-ipsec-ike-01.txt (long)

To: Joe Tardo <jtardo@freegate.com>
Subject: Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
From: Dan Harkins <dharkins@network-alchemy.com>
Date: Thu, 10 Jun 1999 13:48:54 -0700
cc: "Derrell D. Piper" <ddp@network-alchemy.com>, Paul Koning <pkoning@xedia.com>, ipsec@lists.tislabs.com
In-reply-to: Your message of "Wed, 09 Jun 1999 17:48:50 PDT." <3.0.1.32.19990609174850.00e38b78@gateway.hq.freegate.com>
Sender: owner-ipsec@lists.tislabs.com

  For the umpteenth time, no. 

  Dan.

On Wed, 09 Jun 1999 17:48:50 PDT you wrote
> Suppose my policy is configured for NULL encryption, would this mean I MUST
> encrypt if the offer proposes, say, 3DES first and NULL second?
> 
> At 09:38 AM 6/3/99 -0700, Derrell D. Piper wrote:
> >>   So let me ask the entire working group: should vendors be prohibited fro
>m
> >> accepting a key length greater than what they have configured? Should they
> >> be prohibited from accepting a stronger group? 
> >
> >Absolutely not and I'd go so far as to make it a SHOULD instead of a MAY.
> >
> >We're trying to design good security, not workarounds for bad
> implementations.
> >
> >Derrell
> >
> >

References:

Re: Comments on draft-ietf-ipsec-ike-01.txt (long)

From: Joe Tardo <jtardo@freegate.com>

Prev by Date: Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
Next by Date: RE: Comments on draft-ietf-ipsec-ike-01.txt (long)
Prev by thread: Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
Next by thread: Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
Index(es):
- Main
- Thread