[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Son-of-IKE Performance
On Fri, 7 Dec 2001, Andrew Krywaniuk wrote:
> > But those details are not nearly as controversial as JFK vs.
> > IKEv2 vs.
> > SIGMA vs. XKASS, and not even as controversial as the requirements on
> > which we'll base that choice. This is, I think, obvious to
> > everyone.
> > Why are you beating on this point? Is there anyone here, with the
> > possible exception of you, who thinks that this is the
> > crucial criterion
> > on which the WG is going to decide among the different proposals?
>
> It is a little misleading for a protocol which being presented as the
> 'simple alternative' to omit many of the so-called minor details. I
> personally doubt that the crytographic framework will really be the deciding
> factor in which protocol advances. It might make the difference between
> IKEv2 and SIGMA, but not JFK. JFK is not just a key exchange protocol; it's
> a political movement.
>
> Here's a question. Have the authors of JFK given any thought to how (if?)
> they will incorporate NAT-traversal? With IKEv2, the already completed
> drafts from IKEv1 can be presumably carried forward.
>
That being said, how about we divert some of this energy to debating the
requirements doc:
http://www.ietf.org/internet-drafts/draft-ietf-ipsec-son-of-ike-protocol-reqts-00.txt
The requirements do (I believe) talk about having to support Nat traversal
(as well as a few other things that JFK doesn't address). If we all agree to
the requirements, then we can continue debating whether JFK must add them.
jan
--
Jan Vilhuber vilhuber@cisco.com
Cisco Systems, San Jose (408) 527-0847
Follow-Ups:
References: