[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Position statement on IKE development

To: Alex Alten <Alten@home.com>
Subject: Re: Position statement on IKE development
From: Henry Spencer <henry@spsystems.net>
Date: Fri, 3 Aug 2001 15:41:57 -0400 (EDT)
cc: Marcus Leech <mleech@nortelnetworks.com>, msec@securemulticast.org, ietf-ipsra@vpnc.org, ipsec-policy@vpnc.org, ipsec@lists.tislabs.com
In-Reply-To: <3.0.3.32.20010803112414.00eadaa0@mail>
Sender: owner-ipsec@lists.tislabs.com

On Fri, 3 Aug 2001, Alex Alten wrote:
> BTW Henry,
> The issue is not that parts of IPsec are superfluous.  
> The question is if IKE is broken then is IPsec also broken?  

That depends somewhat on exactly what you mean by "IPsec", which is why I
specifically referred to "the packet-level parts".  I don't think there is
much wrong with the packet-level stuff except for a few too many useless
options and alternatives.  The key-management ugliness doesn't seem to me
to have spilled over into the packet level (at least partly because the
packet-level work was nearly finished before key management came to the 
fore). 

                                                          Henry Spencer
                                                       henry@spsystems.net

Follow-Ups:

Re: Position statement on IKE development

From: Alex Alten <Alten@home.com>

References:

Re: Position statement on IKE development

From: Alex Alten <Alten@home.com>

Prev by Date: Re: Position statement on IKE development
Next by Date: Re: Position statement on IKE development
Prev by thread: Re: Position statement on IKE development
Next by thread: Re: Position statement on IKE development
Index(es):
- Main
- Thread