[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Please save the pre-shared key mode
Wang, Cliff writes:
> Very simple reasons,
>
> IKEv1 is going to be replaced by IKEv2 in the future and KINK has yet to be
> standardized and it is not going to replace IKE. On the other hand, adding
> PSK support in IKEv2 is not an overkill, but provides much more
> flexibilities and more choices for service providers.
KINK is very close to last call, and nobody's
claiming that it will replace IKE. And "choice" is
not necessarily a good thing. In fact, one of the
major lessons of IKEv1 (taken to heart by KINK)
was that "choice" is a distinctly *bad* thing.
Simplicity and narrow purpose in security
protocols is a *feature*, not a bug.
Mike
References: