Re: Please save the pre-shared key mode

[Dan McDonald <danmcd@east.sun.com>]

> 1) Simplicity
> Pre-shared key mode is simpler to support by eliminating the requirement of
> supporting complex PKI.

It's a myth that public-key implies you MUST have a PKI.

Self-signed certs combined with explicit out-of-band trust models is just a
non-cumbersome as pre-shared keys, IMHO, and they also offer
IP-address-portability.  (Henry Spencer, correct me if I'm wrong, but
FreeSWAN has a self-signed cert model that works, right?)

If we keep pre-shared, let's have a scalable way of identifying them.  In a
multi-homed world (esp. IPv6), pre-shared keys indexed by address pairs is as
much hassle as PKI registration (it's just less snake-oil than most PKIs ;).

For testing, I run server machines with self-signed certs.  For small
(10-100) numbers of clients, it works out _quite_ nicely, and w/o any of the
PKI cruft.  Peer-to-peer explosions is about the only case where PKI is
really needed, and pre-shared won't help you any there either.  It's just a
matter of running certificate-generation, e-mail, and verifying hashes
out-of-band.

I'm not totally against nuking pre-shared.  It's not, however, the panacea of
simplicity many think it is, and simplicity arguments don't hold water.

Dan

---

Follow-Ups:

• Re: Please save the pre-shared key mode
• From: Henry Spencer <henry@spsystems.net>

References:

• Please save the pre-shared key mode
• From: "Wang, Cliff" <CWang@smartpipes.com>

---

• Prev by Date: RE: Please save the pre-shared key mode
• Next by Date: RE: Please save the pre-shared key mode
• Prev by thread: Re: Please save the pre-shared key mode
• Next by thread: Re: Please save the pre-shared key mode
• Index(es):
  • Main
  • Thread