[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: IKE must have no Heirs

To: "Hallam-Baker, Phillip" <pbaker@verisign.com>
Subject: RE: IKE must have no Heirs
From: Stephen Kent <kent@bbn.com>
Date: Wed, 15 Aug 2001 15:41:12 -0400
Cc: ipsec@lists.tislabs.com
In-Reply-To: <2F3EC696EAEED311BB2D009027C3F4F4058696DF@vhqpostal.verisign.com>
References: <2F3EC696EAEED311BB2D009027C3F4F4058696DF@vhqpostal.verisign.com>
Sender: owner-ipsec@lists.tislabs.com

At 8:20 AM -0700 8/15/01, Hallam-Baker, Phillip wrote:
>  > SKIP was a poor choice for any long-lived SA, because SKIP forced
>>  every packet to carry SA state information in lieu of exchanging SA
>>  establishment messages.
>
>I see no reason why that specific problem could not have been fixed.
>If you have a securely established shared secret that is securely bound
>to a shared context there should be no per packet state requirement.

Phil,

You seem to be confusing the name of a protocol, and your apparent 
fondness for it, with the details that define that protocol.  I don't 
recall your participation in IPsec WG activities during the time that 
the SKIP vs. IKE war took place, so perhaps your understanding of the 
history here is not so precise.

Steve

References:

RE: IKE must have no Heirs

From: "Hallam-Baker, Phillip" <pbaker@verisign.com>

Prev by Date: RE: [Design] Re: Wes Hardaker: opportunistic encryption deployment problems
Next by Date: RE: IKE must have no Heirs
Prev by thread: RE: IKE must have no Heirs
Next by thread: RE: IKE must have no Heirs
Index(es):
- Main
- Thread