[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Son of IKE: A proposal for moving forward

To: <ipsec@lists.tislabs.com>, "Paul Hoffman / VPNC" <paul.hoffman@vpnc.org>
Subject: Re: Son of IKE: A proposal for moving forward
From: "Scott Fanning" <sfanning@cisco.com>
Date: Tue, 18 Jun 2002 13:45:04 -0700
References: <000801c216f7$7f3b6f90$5570e640@ca.alcatel.com> <p05111a40b9354022881c@[165.227.249.18]>
Sender: owner-ipsec@lists.tislabs.com

So I am assuming that the requirements outlined by Cheryls and your document
have been agreed to (in general) by the community at large and can be used
as the criteria to evaluate the proposed protocols? I am starting to wonder
if the VPN problem and the Key Exchange problem may present different
criteria, and thus without knowing (or agreeing on) the problem scope,
evaluating what protocol is SOI may be difficult.

Scott
----- Original Message -----
From: "Paul Hoffman / VPNC" <paul.hoffman@vpnc.org>
To: <ipsec@lists.tislabs.com>
Sent: Tuesday, June 18, 2002 12:57 PM
Subject: RE: Son of IKE: A proposal for moving forward


> At 2:39 PM -0400 6/18/02, Andrew Krywaniuk wrote:
> >But you're doing something unfair. You are comparing your own prototype
KMP,
> >which has been specifically optimized for size, with a "typical"
IPsec/IKE
> >stack (which doesn't make sense... are you comparing IKE+IPsec to
> >SPUNK+IPsec or just SPUNK?). I think we all have the ability to build
scaled
> >down versions of our products if we want (strip out 90% of the crypto,
etc).
> >About the only fundamental difference is the 1 vs 2 phase issue, and that
> >can hardly account for a factor of 10 increase in size.
>
> Another thing that might be considered unfair is the fact that we
> haven't seen an Internet Draft describing the protocol so we can see
> what it does and does not do. If such a draft existed, and the WG
> thought it was worth even scant attention, I could have included it
> in the features list document that we are using as the basis for this
> thread.
>
> [[ I certainly hope Ted and Barbara are not waiting for a new
> Internet Draft from Michael before they start asking the questions
> one at a time as they said they would start doing this week. ]]
>
> If Michael comes out with a draft, we can see how it matches or
> doesn't match the responses we get to the features that are going to
> be enumerated in the WG Real Soon Now.
>
> --Paul Hoffman, Director
> --VPN Consortium

References:
- RE: Son of IKE: A proposal for moving forward
  - From: "Andrew Krywaniuk" <andrew.krywaniuk@alcatel.com>
- RE: Son of IKE: A proposal for moving forward
  - From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>

Prev by Date: RE: Son of IKE: A proposal for moving forward
Next by Date: Introduction to the IPSEC SOI feature questions
Prev by thread: RE: Son of IKE: A proposal for moving forward
Next by thread: RE: Son of IKE: A proposal for moving forward
Index(es):
- Date
- Thread