[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Remaining open issues for RFC-2401bis
Stephen Kent writes:
> And my bad experience is that while I could create and remember a key
> in the form of a pass phrase character string, I had to write down
> the hex key I created and very carefully, manually enter it into each
> system, which was error prone (despite my care), frustrating, and a
> very poor use of my time.
I have always configured those keys to my laptop, I do not enter them
after the first time ever. My laptop then have that kind of
information encrypted using the passphrase, and I only type in the
passphrase when I need any of those 10-40 character long random keys.
> I fear that you bring an implementer perspective to the problem, and
> I bring a user perspective, and it is unfortunate that the two don't
> overlap better :-)
Anyways ID_KEY_ID is little bit different, I do not think people are
going to type it in, it will be configured in to their system
configuration once, and then used in the IKE.
--
kivinen@safenet-inc.com