Michael Richardson wrote: ... > Bora> 4) The proposed approach which is really equivalent to a pre-shared key > Bora> that is hard coded into every IKE implementation opens us up for even > Bora> more issues. > > Yes, I agree. I'm not crazy about Joe's approach either. > I know we can do better, because we have already done better. Can you be a little more specific about such alternatives? If there are alternatives that suffice for anonymous exchanges, please indicate what they are in addition to asserting their benefit (if it's equivalent, then it's not better ;-) - I'd prefer to use an existing approach, especially one I can cite. Thanks, Joe
Attachment:
signature.asc
Description: OpenPGP digital signature