RE: Son of IKE: A proposal for moving forward

[Paul Hoffman / VPNC <paul.hoffman@vpnc.org>]

At 2:39 PM -0400 6/18/02, Andrew Krywaniuk wrote:
>But you're doing something unfair. You are comparing your own prototype KMP,
>which has been specifically optimized for size, with a "typical" IPsec/IKE
>stack (which doesn't make sense... are you comparing IKE+IPsec to
>SPUNK+IPsec or just SPUNK?). I think we all have the ability to build scaled
>down versions of our products if we want (strip out 90% of the crypto, etc).
>About the only fundamental difference is the 1 vs 2 phase issue, and that
>can hardly account for a factor of 10 increase in size.

Another thing that might be considered unfair is the fact that we 
haven't seen an Internet Draft describing the protocol so we can see 
what it does and does not do. If such a draft existed, and the WG 
thought it was worth even scant attention, I could have included it 
in the features list document that we are using as the basis for this 
thread.

[[ I certainly hope Ted and Barbara are not waiting for a new 
Internet Draft from Michael before they start asking the questions 
one at a time as they said they would start doing this week. ]]

If Michael comes out with a draft, we can see how it matches or 
doesn't match the responses we get to the features that are going to 
be enumerated in the WG Real Soon Now.

--Paul Hoffman, Director
--VPN Consortium