[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Remove little-used algorithms from IKEv2

To: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
Subject: Re: Remove little-used algorithms from IKEv2
From: Derek Atkins <warlord@mit.edu>
Date: 14 Mar 2002 20:19:12 -0500
Cc: ipsec@lists.tislabs.com
In-Reply-To: <p0510140ab8b6a4514ed7@[165.227.249.20]>
References: <p0510140ab8b6a4514ed7@[165.227.249.20]>
Sender: owner-ipsec@lists.tislabs.com
User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7

Paul Hoffman / VPNC <paul.hoffman@vpnc.org> writes:

> In the same vein, all certificate formats other than #4 (X.509
> Certificate - Signature) should be deprecated as well. "PKCS #7
> wrapped X.509 certificate" is particularly bad given that there is no
> standard for how to "wrap" a certificate.

I'm not sure I agree with the first statement here.  I'm willing to be
convinced, but I think PGP certificates and maybe raw RSA keys are
both reasonable as well.

> --Paul Hoffman, Director
> --VPN Consortium

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available

Follow-Ups:
- Re: Remove little-used algorithms from IKEv2
  - From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>

References:
- Remove little-used algorithms from IKEv2
  - From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>

Prev by Date: Re: 10 years and no ubiquitous security
Next by Date: Re: Remove little-used algorithms from IKEv2
Prev by thread: Re: Remove little-used algorithms from IKEv2
Next by thread: Re: Remove little-used algorithms from IKEv2
Index(es):
- Date
- Thread