[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: RESEND: Thoughts on identity attacks
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Khaja" == Khaja E Ahmed <khaja.ahmed@attbi.com> writes:
Khaja> Perhaps the fact that there were no responses suggests that not
Khaja> enough people think it is important. Let me introduce a counter
Khaja> view. I not only think it is not important but I think that
Khaja> pursuit of this goal risks further complicating an already too
Khaja> complicated protocol. I really think our energies are best
Khaja> directed at more important issues.
Yes, like getting a PKI implementation that people can actually use.
I'll bet that 90% of the "complexity" of IKE is really the I of PKI.
Khaja> After a year of discussions on requirements with product
Khaja> management of all the big VPN manufacturers, I have never even
Well, that's nice. I suggest that you write an IPsec VPN BCP.
This is not the VPN WG.
Khaja> I think most companies find PKI itself too complicated. Both VPN
I think that most companies have made very poor purchasing decisions
when it comes to PKI products. I can't blame them. The offerings have been
very horrible.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
Comment: Finger me for keys
iQCVAwUBPGGPB4qHRg3pndX9AQEphwP+K6C6BZ+o70+TUIWHvoGmLAfYjv3ADXKd
5+nBfYH8JrFHO7EWuXWjuJTWXmSdlV/AN/1nrqS2WHRs/ceFGHlrk7+BisJyg6VC
33yWXkmD7p1OCgGqWhkkl0WQnuN3Yu0I078rHhz/TxAXtX7lbvZ44ggcrmbM2usI
GSrfbOW80NI=
=wQ58
-----END PGP SIGNATURE-----