[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Position statement on IKE development

To: ipsec@lists.tislabs.com
Subject: Re: Position statement on IKE development
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
Date: Sat, 04 Aug 2001 22:40:35 -0400
In-reply-to: Your message of "04 Aug 2001 22:52:02 GMT." <9khuai$1hi$1@abraham.cs.berkeley.edu>
Sender: owner-ipsec@lists.tislabs.com


 >>>>> "David" == David Wagner <daw@mozart.cs.berkeley.edu> writes:
     David> I think this is probably unnecessary.  The main thing that deters
     David> analysis from the academics (from the anecdotes I've heard) is the
     David> complexity of IKE.  If this improves, my guess is that you're
     David> likely to receive better cryptanalysis from the community as a
     David> whole than you'd get from a consulting firm.

   Is IKE really that complex?
   Or rather, could be be much simpler and still get the job done?

   This is really a different question from: is IKE poorly documented?

   I think that we all agree that the document could be a lot better.
   I still think that this is really the first step. Clean up the document(s),
and doing nothing to the specification, and then decide what to chop.

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy");  [

References:

Re: Position statement on IKE development

From: daw@mozart.cs.berkeley.edu (David Wagner)

Prev by Date: Re: Position statement on IKE development
Next by Date: ipsec mailing list archive
Prev by thread: Re: Position statement on IKE development
Next by thread: Re: Position statement on IKE development
Index(es):
- Main
- Thread