
Re: Reliable delete notifies



On Mon, 9 Oct 2000, Henry Spencer wrote:

> On Sat, 7 Oct 2000, Dan Harkins wrote:
> > ...Does the Working Group want to keep
> > Aggressive Mode? Is Aggressive Mode "standards bloat" or
> > is it a necessary addition to do what Ben wants to do?
> 
> The FreeS/WAN project thinks it's bloat and says get rid of it.  We will
> not implement it, ever. 
> 
> As others have noted, anything you can do with shared secrets, you can do
> better with manually-installed public keys.

Actually, I've come to think (during the course of the day) that this is not
actually true. With pre-shared keys, you have ONE SINGLE key. This means that
I can create a special install-package for my employees, that they can
install on their computer, that contains this shared-key. (Yes I know it's
insecure.. bear with me).

With pure public keys, you need TWO of them. Granted, I can provision every
box with the same private key, which would make it equivalent to the above
group-pre-shared key scenario. But in reality you need two public keys,
where before you had a single pre-shared key.

Ok.. I'm not comparing apples-to-apples... So shoot me. For some reason a
group-rsa-private-key bothers me even MORE than a group-pre-shared key,
although that's rather irrational.

Is free-swan planning or at least thinking about implementing hybrid mode?
Then you could provision every peer with a central gateway's public key at
installation time, and use one-time passwords for authentication... The
alternative is a group-rsa-key, and xauth. Shudder. Or CRACK?

jan

> Now that a certain patent has
> died, we're moving to RSA signatures as our normal authentication method,
> with shared secrets not actually de-supported... at least, not yet... but
> moved to the "esoteric specialized topics" category already occupied by
> things like manual keying.  This removes our last vestige of interest in
> Aggressive Mode. 
> 
>                                                           Henry Spencer
>                                                        henry@spsystems.net
> 

 --
Jan Vilhuber                                            vilhuber@cisco.com
Cisco Systems, San Jose                                     (408) 527-0847


