Re: Reliable delete notifies

["Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu>]

[snip]
>  I'm doing this work for the Working Group and I can't just
>unilaterally declare that Aggressive Mode is out. I was 
>noting that it's out of my drafty-draft. If the Working Group
>wants Aggressive Mode in the protocol then it is in. So let's
>start a discussion. Does the Working Group want to keep
>Aggressive Mode? Is Aggressive Mode "standards bloat" or
>is it a necessary addition to do what Ben wants to do?

I would in fact argue for removal of preshared-key authentication; it was
useful for debugging or for very simple setups, but the protocol complexity
introduced both directly (because of the need to support 2 or 3 auth methods)
and indirectly (encourages addition of other authentication mechanisms) are
simply not worth it.

Ways to retrieve certificates (or have temporary certificates issued, after
using XYZ authentication) are known, simple, and well-understood.
-Angelos

---

Follow-Ups:

• Re: Reliable delete notifies
• From: Tero Kivinen <kivinen@ssh.fi>
• Re: Reliable delete notifies
• From: "Thomas Porter, Ph.D." <tporter@dtool.com>
• Re: Reliable delete notifies
• From: Michael Richardson <mcr@solidum.com>
• Re: Reliable delete notifies
• From: "Plummer, Ron" <rplummer@telcordia.com>

References:

• Re: Reliable delete notifies
• From: Dan Harkins <dharkins@cips.nokia.com>

---

• Prev by Date: Re: Reliable delete notifies
• Next by Date: Re: Reliable delete notifies
• Prev by thread: Re: Reliable delete notifies
• Next by thread: Re: Reliable delete notifies
• Index(es):
  • Main
  • Thread