[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Simplifying IKE
Sandy Harris wrote:
>The Leech, Schiller and Bellovin (LSB?) document mentions:
>> the goal: to produce a more secure, simpler, and more robust version of IKE.
>
>From the Schneier and Ferguson analysis we get:
>> 1: eliminate transport mode
>> 2. eliminate the AH protocol
>> 3. modify ESP to always authenticate [...]
>> 4. modify ESP to ensure it authenticates all data [...]
What do any of those have to do with IKE? Those are all about
the packet-level format, which has very little to do with IKE, as
far as I can see.
Follow-Ups:
References: