[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Reliable delete notifies

To: Henry Spencer <henry@spsystems.net>
Subject: Re: Reliable delete notifies
From: "Derrell D. Piper" <ddp@cips.nokia.COM>
Date: Wed, 11 Oct 2000 02:19:19 -0700
cc: Dan Harkins <dharkins@cips.nokia.COM>, Ben McCann <bmccann@indusriver.com>, ipsec <ipsec@lists.tislabs.com>
In-Reply-To: Message from Henry Spencer <henry@spsystems.net> of "Mon, 09 Oct 2000 18:48:01 EDT." <Pine.BSI.3.91.1001009183713.2990A-100000@spsystems.net>
Sender: owner-ipsec@lists.tislabs.com

For purposes of concensus, I think Aggressive Mode is bloat and I'd like to
remove it.  There are ways to use pre-shared keys without fixed IP addresses
which solve the problem without giving up identity protection.  Aggressive
Mode is a remnant of the SKIP vs ISAKMP debate which optimized round-trips at
the expense of protocol complexity.  It was a bad design decision on our part
to include it in the first place.

Derrell

Follow-Ups:

Re: Simplifying IKE

From: Hugo Krawczyk <hugo@ee.technion.ac.il>

Prev by Date: Re: Reliable delete notifies
Next by Date: Re: ike and secure DNS
Prev by thread: Re: Reliable delete notifies
Next by thread: Re: Simplifying IKE
Index(es):
- Main
- Thread