[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Definition of PFS...

To: <Ari.Huttunen@F-Secure.com>, <ipsec@lists.tislabs.com>
Subject: Re: Definition of PFS...
From: "Hilarie Orman" <HORMAN@novell.com>
Date: Mon, 16 Oct 2000 10:30:22 -0600
Sender: owner-ipsec@lists.tislabs.com

Why would you do MODP if you've got EC?   Are you equating "slow" with
"secure"?

Hilarie

>>> Ari Huttunen <Ari.Huttunen@F-Secure.com> 10/16/00 04:22AM >>>
Would it make any sense to do a low-security DH in phase I, followed
by a higher-security DH in phase II, after the peer has been authenticated,
to provide protection against some DoS attacks while also giving good
long-term traffic protection?

Similarly, would it make sense to use elliptic curves in phase I,
followed by MODP in phase II?

Follow-Ups:

Re: Definition of PFS...

From: Ari Huttunen <Ari.Huttunen@F-Secure.com>

Prev by Date: Re: Simplifying IKE (was RE: Reliable delete notifies)
Next by Date: Re: Getting focus for son-of-IKE
Prev by thread: RE: Definition of PFS...
Next by thread: Re: Definition of PFS...
Index(es):
- Main
- Thread