[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Reliable delete notifies

To: ipsec@lists.tislabs.com
Subject: Re: Reliable delete notifies
From: "Thomas Porter, Ph.D." <tporter@dtool.com>
Date: Mon, 09 Oct 2000 20:59:50 -0400
In-Reply-To: <200010090310.e993AUM18668@nyarlathotep.cis.upenn.edu>
References: <Your message of "Sat, 07 Oct 2000 09:58:20 PDT." <200010071658.JAA22917@potassium.network-alchemy.com>
Sender: owner-ipsec@lists.tislabs.com

At 11:10 PM 10/8/2000 -0400, you wrote:

>I would in fact argue for removal of preshared-key authentication; it was
>useful for debugging or for very simple setups, but the protocol complexity
>introduced both directly (because of the need to support 2 or 3 auth methods)
>and indirectly (encourages addition of other authentication mechanisms) are
>simply not worth it.

I'm not sure that it matters much here, but we need IPSec solutions, and
are using 
them now.  Without the ability to use preshared keys, we would not have
been able
to hack out the solutions we currently have in a production environment..
Tom
>
>Ways to retrieve certificates (or have temporary certificates issued, after
>using XYZ authentication) are known, simple, and well-understood.
>-Angelos
>

Follow-Ups:

Re: Reliable delete notifies

From: Dan Harkins <dharkins@cips.nokia.com>

Re: Reliable delete notifies

From: "Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu>

References:

Re: Reliable delete notifies

From: "Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu>

Prev by Date: Re: Reliable delete notifies
Next by Date: Re: IPSec test suite
Prev by thread: Re: Reliable delete notifies
Next by thread: Re: Reliable delete notifies
Index(es):
- Main
- Thread