Re: Do ipsec vendors care about privacy?

[Hugo Krawczyk <hugo@ee.technion.ac.il>]

On Wed, 19 Mar 2003, Russ Housley wrote:

> Hugo, in my view it is too late to be raising a question that will cause 
> major surgery on the document.  It is time to fix things that are broken, 
> make the document internally consistent, and publish it.  I do not think it 
> is time to raise new requirements.
> 
> Russ
> Your local, friendly, incoming Security Area Director
> 

Hi Russ, first congratulations for the new poisition. Good luck.

This response really sounds as coming from the area director :) 
ANyway, I'd agree with you that this is too late if the change I proposed
required "major surgery on the document". But it doesn't.
Any of the proposed solutions takes a 1 minute editorial work,
just moving one or two fields from one message to the other in section
2.16 (and has no influence on other partts of the document).

The question is not specification complexity which is null for this
changes. ALso, it is not a performance issue. None of the proposed changes
add round trips or computation (a message to the list from
Antonio Forzieri might have given that impression but his
modification of my proposal was unnecessary as he later stated himself).  

The only question is operational: can the responder (server) send the
first EAP message before getting IDi? If this is the case (as it was in
PIC and seems tobe agreed in some responses to my message) then we are
done at no cost at all (solution 1). If not, we may need to go to 
solution 2 (in which the responder authenticates in message 2). Here the
main operational issue, pointed out by Antonio, is that you need to have a
way for the initiator to signal that he is requiring legacy
authentication.

So all we need is some feedback on the above operational issues, and then
make a definitive decision about the right design/privacy trade-off.
It should not put any delay on the closure of ikev2.

Hugo