Re: Two issues: AH death, and SA identification

[Derek Atkins <warlord@mit.edu>]

Perhaps we need yet another "line" separating SA management and key
management?  (As it is, KINK will probably incorporate much of IKE
phase-II quick-mode for the SA negotiation).

-derek

Stephen Kent <kent@bbn.com> writes:

> Negotiation of SA parameters is an SA management function, though not 
> necessarily a key management function. We have disconnects today 
> between IKE capabilities and IPsec architecture. I want to close 
> those gaps in the next rev, and not by reducing IPsec functionality.
> 
> Perhaps what I should say is that I want to specify more concretely 
> what an SA management protocol must provide for IPsec, whether that 
> protocol is IKE or not.
> 
> Steve

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available

---

Follow-Ups:

• Re: Two issues: AH death, and SA identification
• From: Michael Thomas <mat@cisco.com>

References:

• Re: Two issues: AH death, and SA identification
• From: Stephen Kent <kent@bbn.com>
• Re: Two issues: AH death, and SA identification
• From: Derek Atkins <warlord@mit.edu>
• Re: Two issues: AH death, and SA identification
• From: Stephen Kent <kent@bbn.com>

---

• Prev by Date: Re: Two issues: AH death, and SA identification
• Next by Date: RE: On transport-level policy enforcement (was Re: RFC 2401...)
• Prev by thread: Re: Two issues: AH death, and SA identification
• Next by thread: Re: Two issues: AH death, and SA identification
• Index(es):
  • Main
  • Thread