RE: Remove little-used algorithms from IKEv2

"Hallam-Baker, Phillip" <pbaker@verisign.com> Fri, 15 March 2002 15:38 UTC

Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g2FFcm429464; Fri, 15 Mar 2002 07:38:48 -0800 (PST)
Received: by lists.tislabs.com (8.9.1/8.9.1) id JAA14008 Fri, 15 Mar 2002 09:55:55 -0500 (EST)
Message-ID: <2F3EC696EAEED311BB2D009027C3F4F405869A0F@vhqpostal.verisign.com>
From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
To: 'Derek Atkins' <warlord@mit.edu>, Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
Cc: ipsec@lists.tislabs.com
Subject: RE: Remove little-used algorithms from IKEv2
Date: Fri, 15 Mar 2002 07:08:32 -0800
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: multipart/mixed; boundary="----_=_NextPart_000_01C1CC33.45B73EC0"
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk

The raw keys are actually very useful since they can be used with an XKMS
service for validation. Essentially they become an index to the information
bound to them.

Phillip Hallam-Baker FBCS C.Eng.
Principal Scientist
VeriSign Inc.
pbaker@verisign.com
781 245 6996 x227


> -----Original Message-----
> From: Derek Atkins [mailto:warlord@mit.edu]
> Sent: Thursday, March 14, 2002 8:19 PM
> To: Paul Hoffman / VPNC
> Cc: ipsec@lists.tislabs.com
> Subject: Re: Remove little-used algorithms from IKEv2
> 
> 
> Paul Hoffman / VPNC <paul.hoffman@vpnc.org> writes:
> 
> > In the same vein, all certificate formats other than #4 (X.509
> > Certificate - Signature) should be deprecated as well. "PKCS #7
> > wrapped X.509 certificate" is particularly bad given that 
> there is no
> > standard for how to "wrap" a certificate.
> 
> I'm not sure I agree with the first statement here.  I'm willing to be
> convinced, but I think PGP certificates and maybe raw RSA keys are
> both reasonable as well.
> 
> > --Paul Hoffman, Director
> > --VPN Consortium
> 
> -derek
> 
> -- 
>        Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
>        Member, MIT Student Information Processing Board  (SIPB)
>        URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
>        warlord@MIT.EDU                        PGP key available
>