SOI QUESTIONS: 2.2 Perfect forward secrecy (PFS)

["Theodore Ts'o" <tytso@mit.edu>]

Notes from the chair:

	This question is one where when I looked at the soi-features-00
document, I saw a great amount of discussion about the details of how
IKEv2 and JFK accomplished their (partial) PFS capabilities.  However,
in terms of the actual functionality offered, I really couldn't see much
differece between the two approaches.  (If an JFK or IKE designer would
beg to differ, please do so.)

	In the past, the working group has pretty much decided that
perfect forwrd secrecy as a possiblity is a requirement, so that isn't a
uestion here.  The concept of being able to trade off performance
with the level of PFS provided is a relative new possibility.  

					- Ted

2.2 Perfect forward secrecy (PFS)

2.2.A) JFK and IKEv2 can provide PFS as well as "imperfect forward
secrecy" by trading off performance versus the level of PFS provided.
The funcitonality provided is roughly identical.  Does anyone care
about the details of how IKEv2 versus JFK provides this functionality?
Should we just flip a coin?

Implications from the Scenarios:

[none]