[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Please save the pre-shared key mode
>>>>> "Michael" == Michael Thomas <mat@cisco.com> writes:
Michael> Dan Harkins writes:
>> The draft which calls itself IKEv2 _is_ a working group draft.
Michael> In any case, my real point is that he shouldn't be reading
Michael> anything into the name since that's a function of the
Michael> requirements.
I don't think I'm reading much into the name. What I'm reading is the
substance of the discussion surrounding these various new protocol
proposals.
The substance, as far as I can tell, is that (a) these are proposals
for a protocol that is intended to REPLACE IKE -- as opposed to being
an additional protocol intended to exist alongside IKE; (b) some of
the people involved in the discussion believe that it is a requirement
for this successor protocol NOT to contain the pre-shared key feature
of IKE.
I don't believe this makes any sense. You can have long theological
discussions about the myths of PSK, and so forth. That doesn't really
do anything useful. The reality is that PSK is widely deployed in
current VPNs. It may be the most widely deployed, or not; I'm not
interested in that, but I do know that it is a significant fraction.
And yes, it is possible to deploy it insecurely -- just as it is
possible to deploy ANY security technology insecurely.
In my opinion, a proposed protocol requirements statement for the
"successor to IKE" protocol that omits or deprecates or disallows
pre-shared key is broken and will end up not being acceptable in the
real world.
paul
References: