
Re: Son-of-IKE Performance



"Hallam-Baker, Phillip" <pbaker@verisign.com> writes:
> Let us leave such discussions to the point where we have selected an
> algorithm to implement.
>
> My reason for calling foul was that an argument was made on 
> performance grounds, not on the grounds that the specification 
> is incomplete.
>
> We know that the specifications are incomplete. Those contributing
> to the discussion are all capable of filling in the abstracted 
> elements.
I'm with Phill on this one. While it's true that it's a failing
of many IETF protocols to be insufficiently specific, it's equally
true that misplaced concreteness is a serious problem in the
early design phases of many IETF protocols. Let's decide on
the cryptographic skeleton first and once we've done that we
can decide on the bits on the wire and the detailed key expansion
transforms, both of which are largely orthogonal to the key agreement
issue we're currently discussing.

> As it happens XKASS is faster than JFK, SIGMA or IKE, using fewer
> round trips and fewer cryptographic operations.
I had noticed that :)

-Ekr

-- 
[Eric Rescorla                                   ekr@rtfm.com]
                http://www.rtfm.com/

