[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Definition of PFS...

To: Hilarie Orman <HORMAN@novell.com>
Subject: Re: Definition of PFS...
From: Ari Huttunen <Ari.Huttunen@F-Secure.com>
Date: Thu, 19 Oct 2000 21:09:59 +0300
CC: ipsec@lists.tislabs.com
Organization: F-Secure Corporation
References: <s9ead8c0.049@prv-mail20.provo.novell.com>
Sender: owner-ipsec@lists.tislabs.com

No, I'm equating anything "new" with "potentially unsecure".

Ari

Hilarie Orman wrote:
> 
> Why would you do MODP if you've got EC?   Are you equating "slow" with
> "secure"?
> 
> Hilarie
> 
> >>> Ari Huttunen <Ari.Huttunen@F-Secure.com> 10/16/00 04:22AM >>>
> Would it make any sense to do a low-security DH in phase I, followed
> by a higher-security DH in phase II, after the peer has been authenticated,
> to provide protection against some DoS attacks while also giving good
> long-term traffic protection?
> 
> Similarly, would it make sense to use elliptic curves in phase I,
> followed by MODP in phase II?

-- 
Ari Huttunen                   phone: +358 9 859 900
Senior Software Engineer       fax  : +358 9 8599 0452

F-Secure Corporation       http://www.F-Secure.com 

F-Secure products: Integrated Solutions for Enterprise Security

References:

Re: Definition of PFS...

From: "Hilarie Orman" <HORMAN@novell.com>

Prev by Date: Re: IPsec and Remote Access related drafts
Next by Date: RE: I-D ACTION:draft-ietf-ipsec-ike-modp-groups-00.txt
Prev by thread: Re: Definition of PFS...
Next by thread: Re: Reliable delete notifies
Index(es):
- Main
- Thread