[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Remaining open issues for RFC-2401bis

To: Stephen Kent <kent@bbn.com>
Subject: Re: Remaining open issues for RFC-2401bis
From: Tero Kivinen <kivinen@iki.fi>
Date: Sat, 27 Mar 2004 10:34:53 +0200
Cc: ipsec@lists.tislabs.com
In-reply-to: <p06020404bc8a1bc4746c@[128.89.89.75]>
References: <200403200415.i2K4FlQU007773@thunk.east.sun.com><p06100407bc8210eadd2d@[63.202.92.152]><p06020401bc854e7aeba7@[10.84.130.85]><16480.9936.57483.798886@fireball.acr.fi><p06020401bc8612e45d2f@[128.89.89.75]><16480.32863.476549.187521@fireball.acr.fi><p06020401bc874c0ac4cc@[128.33.244.157]><16482.57437.574350.440617@fireball.acr.fi><p06020407bc88a41e696c@[128.89.89.75]><16483.65081.442633.47762@fireball.acr.fi><p06020404bc8a1bc4746c@[128.89.89.75]>
Sender: owner-ipsec@lists.tislabs.com

Stephen Kent writes:
> And my bad experience is that while I could create and remember a key 
> in the form of a pass phrase character string, I had to write down 
> the hex key I created and very carefully, manually enter it into each 
> system, which was error prone (despite my care), frustrating, and a 
> very poor use of my time.

I have always configured those keys to my laptop, I do not enter them
after the first time ever. My laptop then have that kind of
information encrypted using the passphrase, and I only type in the
passphrase when I need any of those 10-40 character long random keys. 

> I fear that you bring an implementer perspective to the problem, and 
> I bring a user perspective, and it is unfortunate that the two don't 
> overlap better :-)

Anyways ID_KEY_ID is little bit different, I do not think people are
going to type it in, it will be configured in to their system
configuration once, and then used in the IKE. 
-- 
kivinen@safenet-inc.com

References:
- Re: Remaining open issues for RFC-2401bis
  - From: Bill Sommerfeld <sommerfeld@east.sun.com>
- Re: Remaining open issues for RFC-2401bis
  - From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
- Re: Remaining open issues for RFC-2401bis
  - From: Stephen Kent <kent@bbn.com>
- Re: Remaining open issues for RFC-2401bis
  - From: Tero Kivinen <kivinen@iki.fi>
- Re: Remaining open issues for RFC-2401bis
  - From: Stephen Kent <kent@bbn.com>
- Re: Remaining open issues for RFC-2401bis
  - From: Tero Kivinen <kivinen@iki.fi>
- Re: Remaining open issues for RFC-2401bis
  - From: Stephen Kent <kent@bbn.com>
- Re: Remaining open issues for RFC-2401bis
  - From: Tero Kivinen <kivinen@iki.fi>
- Re: Remaining open issues for RFC-2401bis
  - From: Stephen Kent <kent@bbn.com>
- Re: Remaining open issues for RFC-2401bis
  - From: Tero Kivinen <kivinen@iki.fi>
- Re: Remaining open issues for RFC-2401bis
  - From: Stephen Kent <kent@bbn.com>

Prev by Date: Re: 2nd try
Next by Date: IDci and IDcr payloads with NAT Traversal
Previous by thread: Re: Remaining open issues for RFC-2401bis
Next by thread: Re: Remaining open issues for RFC-2401bis
Index(es):
- Date
- Thread