[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Position statement on IKE development
>>>>> "David" == David Wagner <daw@mozart.cs.berkeley.edu> writes:
David> I think this is probably unnecessary. The main thing that deters
David> analysis from the academics (from the anecdotes I've heard) is the
David> complexity of IKE. If this improves, my guess is that you're
David> likely to receive better cryptanalysis from the community as a
David> whole than you'd get from a consulting firm.
Is IKE really that complex?
Or rather, could be be much simpler and still get the job done?
This is really a different question from: is IKE poorly documented?
I think that we all agree that the document could be a lot better.
I still think that this is really the first step. Clean up the document(s),
and doing nothing to the specification, and then decide what to chop.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [
References: