Re: Crypto algorithms for IKEv2
In regards to draft-hoffman-ipsec-algorithms-00-TEMP.txt, I notice that the
UI ciphersuites make no mention of PFS. Are we assuming that this is an
implementer decision?
Come to think of it, I don't think we ever resolved the issue of what to do
when the initiator of a CREATE_CHILD_SA exchange doesn't propose PFS but the
responder requires it. This could be accomplished with a
NOTIFY_PFS_REQUIRED_ALWAYS or NOTIFY_PFS_REQUIRED_NEXT_SA message.
Not that we could really change it now, but did anyone consider the idea of
achieving PFS simply by applying a one-way hash to SKEYSEED_D, either
periodically or after every CREATE_CHILD_SA exchange? Sure, there are race
conditions, but I think they are easily fixed.
Andrew
--------------------------------------
The odd thing about fairness is when
we strive so hard to be equitable
that we forget to be correct.