[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI QUESTIONS: 2.2 Perfect forward secrecy (PFS)

To: IP Security List <ipsec@lists.tislabs.com>
Subject: Re: SOI QUESTIONS: 2.2 Perfect forward secrecy (PFS)
From: Henry Spencer <henry@spsystems.net>
Date: Tue, 18 Jun 2002 23:31:23 -0400 (EDT)
In-Reply-To: <E17KRHm-0001IX-00@think.thunk.org>
Sender: owner-ipsec@lists.tislabs.com

On Tue, 18 Jun 2002, Theodore Ts'o wrote:
> 	In the past, the working group has pretty much decided that
> perfect forwrd secrecy as a possiblity is a requirement, so that isn't a
> uestion here.  The concept of being able to trade off performance
> with the level of PFS provided is a relative new possibility...

I have no strong feelings about the details of that, but I do want to put
in a plug on a slightly related point:  however the details work, two
conforming implementations should interoperate (policy permitting) without
prearranged agreement on PFS mode. 

This is one place where IKE falls down badly.  The choice of PFS or no PFS
is neither negotiated nor announced in the protocol, yet the two ends must
agree exactly or communication mysteriously fails.  (This is an empirical
fact; I haven't examined the details to sort out just how it happens.)

                                                          Henry Spencer
                                                       henry@spsystems.net

References:
- SOI QUESTIONS: 2.2 Perfect forward secrecy (PFS)
  - From: "Theodore Ts'o" <tytso@mit.edu>

Prev by Date: JFK draft editing error?
Next by Date: Re: SOI QUESTIONS: 2.1 Identity protection questions?
Prev by thread: SOI QUESTIONS: 2.2 Perfect forward secrecy (PFS)
Next by thread: Re: SOI QUESTIONS: 2.2 Perfect forward secrecy (PFS)
Index(es):
- Date
- Thread