[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Please save the pre-shared key mode

To: "'Henry Spencer'" <henry@spsystems.net>, Michael Choung Shieh <mshieh@netscreen.com>
Subject: RE: Please save the pre-shared key mode
From: Michael Choung Shieh <mshieh@netscreen.com>
Date: Fri, 7 Dec 2001 12:47:28 -0800
Cc: "Wang, Cliff" <CWang@smartpipes.com>, ipsec@lists.tislabs.com
Sender: owner-ipsec@lists.tislabs.com

We have the point here.  2nd approach is definitely better.  It's
preferrable for us but it's not preferrable for the sys admin.  If I am the
sys admin to setup hundreds of devices for employee's at-home gateway, using
PK in 2nd approach will kill me.

1st approach is easier for the admin.  However, why use PK if we need to
expose private-key.

IKEv1 has option of PSK and PK but most users choose PSK.  Before we kill
it, let's think about the reason of PSK popularity.  Why do we want to kill
a feature which most users use?  Is it insecure, or just because we (IPsec
community) think PK is better?

--------------------------------------------
Michael Shieh
--------------------------------------------

-----Original Message-----
From: Henry Spencer [mailto:henry@spsystems.net]
Sent: Friday, December 07, 2001 12:12 PM
To: Michael Choung Shieh
Cc: Wang, Cliff; ipsec@lists.tislabs.com
Subject: RE: Please save the pre-shared key mode

On Fri, 7 Dec 2001, Michael Choung Shieh wrote:
> How about someone unwrap the myth.  I don't care if it's PK or PSK as long
> as we can set it up as easy as setup PSK in IKE v1.
> Can someone show step-by-step procedure to set up PK?  In a typical
> scenario, the HQ sys admin sets up vpn and sends config to his
unknowledged
> remote offic peer to download to remote device.  How do we do it when
using
> PK without using PKI?

The HQ sysadmin generates a public/private key pair for the new
host/device, and that is sent to his remote peer as part of the config. 
Remote peer installs config (including key pair).  Communication is
established.  Just like PSK. 

Alternatively, loading the config into the remote system includes
generating a keypair, and the public key is then sent back to the HQ
sysadmin for inclusion in his setup.  Communication is established. 

The second approach is generally preferable, because it avoids ever
transmitting secret information (the private key) between the sysadmins. 
But it does require a bit more savvy on the part of the remote sysadmin,
and an extra sysadmin-to-sysadmin communications hop.  If the remote
sysadmin is really not up to much, and/or the software he is using is
unhelpful, having the HQ sysadmin do the keypair generation may be
preferable. 

                                                          Henry Spencer
                                                       henry@spsystems.net

Follow-Ups:

RE: Please save the pre-shared key mode

From: Henry Spencer <henry@spsystems.net>

Prev by Date: Re: discussion of SIGMA-IKE
Next by Date: RE: Please save the pre-shared key mode
Prev by thread: Re: Please save the pre-shared key mode
Next by thread: RE: Please save the pre-shared key mode
Index(es):
- Main
- Thread