[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IKE Public Key Encryption

To: IP Security List <ipsec@lists.tislabs.com>
Subject: Re: IKE Public Key Encryption
From: Henry Spencer <henry@spsystems.net>
Date: Tue, 21 Mar 2000 13:07:47 -0500 (EST)
In-Reply-To: <200003211355.IAA21659@lists.tislabs.com>
Sender: owner-ipsec@lists.tislabs.com

> But once I began to apply multiple certificates the point came quite
> clear. If the initiator does not send the HASH, the responder is out
> of luck in decrypting the messages unless all keys are tried... [and
> it's hard to decide whether a try is successful]
> Given this conversation...should it be mandatory?

Only if there is a well-defined convention for what it means in the case
where no certificates are involved, or if the mandatory-ness is only in
the certificate case.  One major reason for making things optional is so
they can be omitted when they do not make sense.

                                                          Henry Spencer
                                                       henry@spsystems.net

Follow-Ups:

Re: IKE Public Key Encryption

From: Jim Tiller <jtiller@lucent.com>

References:

No Subject

From: owner-ipsec@lists.tislabs.com

Prev by Date: RE: Adelaide Agenda?
Next by Date: RE: Heartbeats draft available
Prev by thread: No Subject
Next by thread: Re: IKE Public Key Encryption
Index(es):
- Main
- Thread