Re: is manual keying mandatory
EKR <ekr@terisa.com> Mon, 23 March 1998 22:39 UTC
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id RAA26635 for ipsec-outgoing; Mon, 23 Mar 1998 17:39:20 -0500 (EST)
To: bkavsan@ire-ma.com
Cc: Dave Carrel <carrel@ipsec.org>, Steve Sneddon <sned@cisco.com>, "Theodore Y. Ts'o" <tytso@MIT.EDU>, ipsec@tis.com
Subject: Re: is manual keying mandatory
References: <199803232019.MAA28635@weenie.redbacknetworks.com> <3516DD14.D23C6BDE@ire-ma.com>
From: EKR <ekr@terisa.com>
Date: Mon, 23 Mar 1998 14:54:08 -0800
In-Reply-To: Bronislav Kavsan's message of "Mon, 23 Mar 1998 17:07:16 -0500"
Message-Id: <3hg4pqar3.fsf@kmac.terisa.com>
Lines: 23
X-Mailer: Gnus v5.5/XEmacs 20.4 - "Emerald"
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
Bronislav Kavsan <bkavsan@ire-ma.com> writes: > Here are the reasons: > - there is no "standard" key distribution mechanism for symmetric keys (I guess I > can get on the phone with another guy and negotiate key values) > - there is no "standard" mechanism for negotiation key lifetimes (should I also > use the phone?) > - how to re-key? - (get on the phone again?) > - what is the encapsulation context - tunnel/transport? (my phone bill is getting > higher?) > etc, etc, etc. These are operational reasons why it's inconvenient for USERS to do manual keying. They don't have anything to do with why implementers can't do manual keying, which is the question at hand. What, precisely, is so incredibly difficult about adding this to one's implementation that people are willing to make a big deal over this, instead of just letting the settled issue stay settled? -Ekr -- [Eric Rescorla Terisa Systems, Inc.] "Put it in the top slot."
- is manual keying mandatory Roy Pereira
- RE: is manual keying mandatory William Dixon
- Re: is manual keying mandatory Derrell D. Piper
- Re: is manual keying mandatory Bill Sommerfeld
- Re: is manual keying mandatory Dan McDonald
- Re: is manual keying mandatory (fwd) Jackie Wilson
- Re: is manual keying mandatory Bronislav Kavsan
- Re: is manual keying mandatory Perry E. Metzger
- Re: is manual keying mandatory (fwd) Perry E. Metzger
- Re: is manual keying mandatory Michael C. Richardson
- Re: is manual keying mandatory (fwd) Paul Koning
- Re: is manual keying mandatory Phil Servita
- Re: is manual keying mandatory (fwd) Robert Moskowitz
- Re: is manual keying mandatory Robert Moskowitz
- Re: is manual keying mandatory (fwd) Larry Backman
- FW: is manual keying mandatory Roy Pereira
- Re: is manual keying mandatory (fwd) Robert Moskowitz
- RE: is manual keying mandatory (fwd) Rob Adams
- Re: is manual keying mandatory Steve Sneddon
- RE: is manual keying mandatory Bede McCall
- Re: is manual keying mandatory Daniel Harkins
- Re: is manual keying mandatory Bronislav Kavsan
- [Fwd: is manual keying mandatory] Bronislav Kavsan
- Re: is manual keying mandatory Theodore Y. Ts'o
- Re: is manual keying mandatory (fwd) Daniel C. Fox
- Re: is manual keying mandatory (fwd) Paul Lambert
- Re: is manual keying mandatory Steve Sneddon
- Re: is manual keying mandatory Michael Richardson
- Re: is manual keying mandatory Dave Carrel
- Re: is manual keying mandatory Bronislav Kavsan
- Re: is manual keying mandatory Bronislav Kavsan
- Re: is manual keying mandatory Dave Carrel
- RE: is manual keying mandatory Bede McCall
- Re: is manual keying mandatory EKR
- Re: is manual keying mandatory Bronislav Kavsan
- RE: is manual keying mandatory Bede McCall
- Re: is manual keying mandatory Derrell D. Piper
- Re: is manual keying mandatory Perry E. Metzger
- Re: is manual keying mandatory Bronislav Kavsan
- Re: is manual keying mandatory Steve Sneddon
- Re: is manual keying mandatory Ran Atkinson
- Re: is manual keying mandatory (fwd) Hilarie Orman