[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Simplifying IKE (was RE: Reliable delete notifies)

To: IP Security List <ipsec@lists.tislabs.com>
Subject: Re: Simplifying IKE (was RE: Reliable delete notifies)
From: Henry Spencer <henry@spsystems.net>
Date: Fri, 13 Oct 2000 13:54:13 -0400 (EDT)
In-Reply-To: <200010130856.MAA28375@relay1.trustworks.com>
Sender: owner-ipsec@lists.tislabs.com

On Fri, 13 Oct 2000, Valery Smyslov wrote:
> > Photuris.  See OpenBSD.org
> 
> I know it well and I like it (especially its true stateless cookies). 
> However, it is not a real alternative to ISAKMP. It may be considered 
> as an alternative to IKE (as an "instantiation" of ISAKMP), but not 
> to ISAKMP itself.

That's true.  The question is whether there is any real need for an
alternative to ISAKMP.  The real alternative, as in Photuris, is simply
to design the data structures to suit the application, rather than
insisting that the application must be an "instantiation" of some more
general structure -- which typically is as much a hindrance as a help.

                                                          Henry Spencer
                                                       henry@spsystems.net

References:

Re: Simplifying IKE (was RE: Reliable delete notifies)

From: "Valery Smyslov" <svan@trustworks.com>

Prev by Date: Re: charter question re IKE changes
Next by Date: Re: Definition of PFS...
Prev by thread: Re: Simplifying IKE (was RE: Reliable delete notifies)
Next by thread: Re: Simplifying IKE (was RE: Reliable delete notifies)
Index(es):
- Main
- Thread