[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: suites - phase 1 vs 2

To: Charlie_Kaufman@notesdev.ibm.com
Subject: Re: suites - phase 1 vs 2
From: Bill Sommerfeld <sommerfeld@east.sun.com>
Date: Fri, 30 Aug 2002 20:23:40 -0400
cc: Michael Richardson <mcr@sandelman.ottawa.on.ca>, ipsec@lists.tislabs.com
In-Reply-To: Your message of "Fri, 30 Aug 2002 17:48:20 EDT." <OF1C398FD4.350B1A5C-ON85256C25.0076C644-85256C25.0077C7A0@iris.com>
Reply-to: sommerfeld@east.sun.com
Sender: owner-ipsec@lists.tislabs.com

> I believe the definition of a suite should include the protocol it
> is securing. 

Agreed.

> That means we need a minimum of two suites: one of IKE and one for
> ESP. 

Yes, and we end up with (at least) two types of suites: one for IKE
protecting itself, and one for each of the protocols that IKE manages
(whether you look at this as a single "IPsec" protocol or as
independant "AH", "ESP", and "IPcomp" is another question).


					- Bill

References:
- Re: suites - phase 1 vs 2
  - From: Charlie_Kaufman@notesdev.ibm.com

Prev by Date: Re: suites - phase 1 vs 2
Next by Date: Re: Last ditch proposal for crypto suites
Prev by thread: Re: suites - phase 1 vs 2
Next by thread: Re: Last ditch proposal for crypto suites
Index(es):
- Date
- Thread