RE: Just Fast Keying (JFK) draft

["sami.vaarala" <sva@netseal.com>]

On Wed, 28 Nov 2001, Hallam-Baker, Phillip wrote:
 > I am somewhat disappointed that there appears to have been almost no
 > substantive discussion of JFK on the list. This may indicate that the
 > protocol is secure, or it may indicate that nobody has been bothered to read
 > it - which given the effort put into previous flames over the subject of
 > keying would be somewhat disappointing.

I read the draft, and found it very promising.  However, it is difficult
to compare IKEv1/IKEv2 to JFK at this point, because JFK has not been
specified in full detail yet.  (I'm referring to implementation
complexity, a security comparison should be possible.)

To compare fairly, a wire format and a definition of the JFK "sa"
payload would be needed.  In IKEv2, the SA payload and the traffic
selectors are a major cause of complexity, and thus have to be taken
into account when comparing the two proposals.

-Sami

---

Follow-Ups:

• Re: Just Fast Keying (JFK) draft
• From: Sara Bitan <sarab@cs.Technion.AC.IL>

References:

• RE: Just Fast Keying (JFK) draft
• From: "Hallam-Baker, Phillip" <pbaker@verisign.com>

---

• Prev by Date: Re: SOI: identity protection and DOS
• Next by Date: Re: SOI: identity protection and DOS
• Prev by thread: RE: Just Fast Keying (JFK) draft
• Next by thread: Re: Just Fast Keying (JFK) draft
• Index(es):
  • Main
  • Thread