[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Please save the pre-shared key mode

To: "Wang, Cliff" <CWang@smartpipes.com>
Subject: RE: Please save the pre-shared key mode
From: Michael Thomas <mat@cisco.com>
Date: Thu, 6 Dec 2001 10:06:28 -0800 (PST)
Cc: "'Michael Thomas'" <mat@cisco.com>, Alex Alten <Alten@netvista.net>, ipsec@lists.tislabs.com
In-Reply-To: <4652644B98DFF34696801F8F3070D3FE011884A8@D2CSPEXM001.smartpipes.com>
References: <4652644B98DFF34696801F8F3070D3FE011884A8@D2CSPEXM001.smartpipes.com>
Sender: owner-ipsec@lists.tislabs.com

Wang, Cliff writes:
 > Very simple reasons,
 > 
 > IKEv1 is going to be replaced by IKEv2 in the future and KINK has yet to be
 > standardized and it is not going to replace IKE. On the other hand, adding
 > PSK support in IKEv2 is not an overkill, but provides much more
 > flexibilities and more choices for service providers.

KINK is very close to last call, and nobody's
claiming that it will replace IKE. And "choice" is
not necessarily a good thing. In fact, one of the
major lessons of IKEv1 (taken to heart by KINK)
was that "choice" is a distinctly *bad* thing.
Simplicity and narrow purpose in security
protocols is a *feature*, not a bug.

	     Mike

References:

RE: Please save the pre-shared key mode

From: "Wang, Cliff" <CWang@smartpipes.com>

Prev by Date: RE: Please save the pre-shared key mode
Next by Date: Re: IKEv2 & DoS protection (whoops. resend)
Prev by thread: RE: Please save the pre-shared key mode
Next by thread: RE: Please save the pre-shared key mode
Index(es):
- Main
- Thread