[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Position statement on IKE development
On Fri, 3 Aug 2001, Alex Alten wrote:
> BTW Henry,
> The issue is not that parts of IPsec are superfluous.
> The question is if IKE is broken then is IPsec also broken?
That depends somewhat on exactly what you mean by "IPsec", which is why I
specifically referred to "the packet-level parts". I don't think there is
much wrong with the packet-level stuff except for a few too many useless
options and alternatives. The key-management ugliness doesn't seem to me
to have spilled over into the packet level (at least partly because the
packet-level work was nearly finished before key management came to the
fore).
Henry Spencer
henry@spsystems.net
Follow-Ups:
References: