[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Son of IKE: A proposal for moving forward
At 2:39 PM -0400 6/18/02, Andrew Krywaniuk wrote:
>But you're doing something unfair. You are comparing your own prototype KMP,
>which has been specifically optimized for size, with a "typical" IPsec/IKE
>stack (which doesn't make sense... are you comparing IKE+IPsec to
>SPUNK+IPsec or just SPUNK?). I think we all have the ability to build scaled
>down versions of our products if we want (strip out 90% of the crypto, etc).
>About the only fundamental difference is the 1 vs 2 phase issue, and that
>can hardly account for a factor of 10 increase in size.
Another thing that might be considered unfair is the fact that we
haven't seen an Internet Draft describing the protocol so we can see
what it does and does not do. If such a draft existed, and the WG
thought it was worth even scant attention, I could have included it
in the features list document that we are using as the basis for this
thread.
[[ I certainly hope Ted and Barbara are not waiting for a new
Internet Draft from Michael before they start asking the questions
one at a time as they said they would start doing this week. ]]
If Michael comes out with a draft, we can see how it matches or
doesn't match the responses we get to the features that are going to
be enumerated in the WG Real Soon Now.
--Paul Hoffman, Director
--VPN Consortium