Re: is manual keying mandatory (fwd)

"Daniel C. Fox" <dfox@BayNetworks.COM> Fri, 20 March 1998 22:01 UTC

Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id RAA02066 for ipsec-outgoing; Fri, 20 Mar 1998 17:01:52 -0500 (EST)
Message-ID: <3512B97E.3595898B@baynetworks.com>
Date: Fri, 20 Mar 1998 13:46:22 -0500
From: "Daniel C. Fox" <dfox@BayNetworks.COM>
Reply-To: dfox@BayNetworks.COM
Organization: Bay Networks, Inc.
X-Mailer: Mozilla 4.04 [en] (WinNT; I)
MIME-Version: 1.0
To: "adams@cisco.com" <adams@cisco.com>
CC: 'Robert Moskowitz' <rgm-sec@htt-consult.com>, 'Jackie Wilson' <jhwilson@austin.ibm.com>, "'ipsec@tis.com'" <ipsec@tis.com>
Subject: Re: is manual keying mandatory (fwd)
References: <01BD5325.5F8EA080.adams@cisco.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-ipsec@ex.tis.com
Precedence: bulk

From a practical standpoint, Diffie-Hellman is extremely expensive in
lesser-powered CPUs, and in an environment where IP interfaces are
coming up and down in a dynamic environment (say PPP over demand-dial
ISDN lines), doing Diffie-Hellman again and again may be more taxing on
the CPU than Triple DES encryption on full throughput.

In such an environment, one can use a different KMP than ISAKMP/Oakley. 
But it would be beneficial to know that a completely inexpensive key
management system (manual keying) is universally supported in all IP
Security implementations.  My customers would then be able to make the
choice themselves whether to go with (relatively expensive) automated
keying or (relatively inexpensive) manual keying, regardless of the
IPSec-capable devices they were interfacing with.

For this reason, I feel it is necessary to keep manual keying support a
MUST.

-- 

Daniel C. Fox                  <dfox@baynetworks.com>
Software Project Leader        Tel:  +1 978-916-4216
Remote Access Server Division  Fax:  +1 978-916-4789
Bay Networks, Inc.             <http://www.baynetworks.com>