[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Regarding the next version of IKE
Title: Regarding the next version of IKE
I am
not convinced that compatibility with IKEv1 needs to be an overiding concern at
this stage, however it is certainly an advantage.
Although IPSEC is in principle a peer-peer protocol
current deployment is largely to support VPNs, the killer app being
securing remote access. I am not particularly concerned about IPSEC embedded in
operating systems, security patches are not uncommon these
days.
A
simpler IKE that is 'backwards compatible' would be nice, but how much
compatibility would I really get in practice?
The
penalty for losing backwards compatibility will be starting adoption from a
lower base, but I might be willing to swap that for a higher rate of
adoption.
Phill
Phillip Hallam-Baker FBCS C.Eng.
Principal
Scientist
VeriSign Inc.
pbaker@verisign.com
781 245 6996
x227
Phillip Hallam-Baker (E-mail).vcf