Re: Son of IKE: A proposal for moving forward

[Michael Thomas <mat@cisco.com>]

You get a self-fulfilling prophecy if your idea of
"practical applicability" == "VPN". Which is
exactly my point. Nobody's even considering any of
the other intended applicability of IPsec when
making decisions about how large the keying
kitchen sink needs to be.

	     Mike

Uri Blumenthal writes:
 > On Wednesday 12 June 2002 12:43, Michael Thomas wrote:
 > > ......The slant of this working group is very
 > > VPN-centric, much to the burden of things which
 > > aren't especially interested in remote access,
 > > amortization of authentication expense, etc, etc.
 > 
 > I'd rather say - the slant of this WG is towards the practical
 > industry-applicable, in other words usable in the field stuff,
 > for the *common* applications (such as VPN, remote access,
 > etc. etc).
 > 
 > > While this doesn't directly speak to favoring JFK
 > > or IKEv2, the design decisions of JFK are much
 > > more favorable to producing a streamlined key
 > > management protocol.
 > 
 > My personal first priority is usability+practicality,
 > streamlined-ness - only the second (that dies if
 > contradicts the first one).
 > 
 > > What is completely lost here is those implementations
 > > which *don't* need the added functionality and
 > > *don't* want the added cost............
 > 
 > Most of the *practical* implementations need most of the features
 > that IKEv2 offers. [those features are there *for a reason*.]
 > 
 > 
 > Maybe another protocol should be designed - an extremely streamlined
 > almost-no-features protocol to satisfy your application needs? [I for 
 > one won't implement it, but if market shares your need, there will
 > be room for it.]
 > -- 
 > Regards,
 > Uri-David
 > -=-=-<>-=-=-
 > <Disclaimer>