[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Regarding the next version of IKE

To: "'Dennis Beard'" <beardd@nortelnetworks.com>, ipsec@lists.tislabs.com
Subject: RE: Regarding the next version of IKE
From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
Date: Wed, 6 Mar 2002 14:47:00 -0800
Sender: owner-ipsec@lists.tislabs.com

Title: Regarding the next version of IKE

I am not convinced that compatibility with IKEv1 needs to be an overiding concern at this stage, however it is certainly an advantage.

Although IPSEC is in principle a peer-peer protocol current deployment is largely to support VPNs, the killer app being securing remote access. I am not particularly concerned about IPSEC embedded in operating systems, security patches are not uncommon these days.

A simpler IKE that is 'backwards compatible' would be nice, but how much compatibility would I really get in practice?

The penalty for losing backwards compatibility will be starting adoption from a lower base, but I might be willing to swap that for a higher rate of adoption.

Phill

Phillip Hallam-Baker FBCS C.Eng.
Principal Scientist
VeriSign Inc.
pbaker@verisign.com
781 245 6996 x227

Phillip Hallam-Baker (E-mail).vcf

Follow-Ups:
- Re: Regarding the next version of IKE
  - From: "Scott Fanning" <sfanning@cisco.com>

Prev by Date: Re: NAT Traversal
Next by Date: RE: NAT Traversal
Prev by thread: Regarding the next version of IKE
Next by thread: Re: Regarding the next version of IKE
Index(es):
- Date
- Thread