
Re: SOI QUESTIONS: 2.3 Perfect forward secrecy (PFS)
Excerpt of message (sent 20 June 2002) by Michael Richardson:
>     Tylor> Many customers have deployed with pre-shared key authentication
>     Tylor> ... will 
>     Tylor> these customers roll to IKEv2 if this authentication is not
>     Tylor> supported? 
>     Tylor> What is their migration path?
> 
>   They migrate from distributing opaque blobs of hex digits that must be
> kept private to distributing opaque blobs of base64 digits that do not
> benefit from staying private, but it doesn't hurt them either.
> 
>   Can they tell the difference? The length is a bit longer.

A LOT longer.  Long enough that -- unlike preshared keys -- you cannot
enter them manually.

>     Tylor> If pre-shared key authentication is not supported, is this WG
>     Tylor> going to 
>     Tylor> define a minimal set of how PKI is to be used with VPNs?  How
>     Tylor> keys/certs 
> 
>   PK, yes. 
> 
>   PKI, no. It is a PKIX problem.
>  
>   Everyone please repeat: PK does not require I to be useful.

True.  But PK, even if all you ever use is self-signed certs, still
needs a lot more near-incomprehensible concepts than preshared keys
do.

	paul