Re: IKEv2 and SIGMA
SIGMA does need these specifications and the draft explicitly says
that the description is NOT intended to represent a complete
specification.
I wrote this draft with the idea of providing "son-of-ike"
with SECURE, SIMPLE, INEXPENSIVE cryptographic mechanisms.
At the same time (I did not know of the advanced stage of your new draft)
you did great work in creating the necessary surrounding specifications.
I do NOT consider IKEv2 and SIGMA as competing proposals but rather as
excellent complementary work ready to be merged.
Hugo
On Mon, 26 Nov 2001, Dan Harkins wrote:
> Hugo,
>
> On Tue, 27 Nov 2001 01:18:56 +0200 you wrote
> >
> > (2) the specification of ESP, or its underlying assumptions (such as MUST
> > vs MAY), may change one day without relation to its use in IKE in a way that
> > will compromise IKE's security (this concern would be valid even for a stable
> > protocol, more so for ESP whose version 3 was just posted)
>
> SIGMA refers to RFC2409 in the same manner and for the same reason that
> IKEv2 refers to RFC2406.
>
> Don't you think that SIGMA should completely define its method of padding,
> encryption, and IV generation itself and not rely on a specification which
> may change one day?
>
> Dan.
>
>
>