Re: is manual keying mandatory
Dan McDonald <danmcd@Eng.Sun.Com> Thu, 19 March 1998 00:48 UTC
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id TAA09915 for ipsec-outgoing; Wed, 18 Mar 1998 19:48:26 -0500 (EST)
From: Dan McDonald <danmcd@Eng.Sun.Com>
Message-Id: <199803190100.RAA11318@kebe.eng.sun.com>
Subject: Re: is manual keying mandatory
To: sommerfeld@orchard.arlington.ma.us
Date: Wed, 18 Mar 1998 17:00:12 -0800
Cc: ipsec@tis.com
In-Reply-To: <199803182344.XAA14394@orchard.arlington.ma.us> from "Bill Sommerfeld" at Mar 18, 98 06:44:22 pm
X-Mailer: ELM [version 2.4 PL25]
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
I sent my original reply directly to Roy. Sorry 'bout that. I've remembered another reason for MUST on manual keying that Bill hints at here... > It also leaves makes more room for experimentation with new key > management techniques, since a new key management system can be > grafted on through the "manual" key management interface. YES! And one example of a new key management system is any system for multicast keys! If you don't have manual keying, how can you add: AH spi 0x1969 authalg md5 src <INADDR_ANY> dst 224.124.12.2 That's a perfectly legal and valid multicast SA, and manual keying (or any first-cut KDC solution that makes you get the group key from a group key manager) is the only way to do that. Dan
- is manual keying mandatory Roy Pereira
- RE: is manual keying mandatory William Dixon
- Re: is manual keying mandatory Derrell D. Piper
- Re: is manual keying mandatory Bill Sommerfeld
- Re: is manual keying mandatory Dan McDonald
- Re: is manual keying mandatory (fwd) Jackie Wilson
- Re: is manual keying mandatory Bronislav Kavsan
- Re: is manual keying mandatory Perry E. Metzger
- Re: is manual keying mandatory (fwd) Perry E. Metzger
- Re: is manual keying mandatory Michael C. Richardson
- Re: is manual keying mandatory (fwd) Paul Koning
- Re: is manual keying mandatory Phil Servita
- Re: is manual keying mandatory (fwd) Robert Moskowitz
- Re: is manual keying mandatory Robert Moskowitz
- Re: is manual keying mandatory (fwd) Larry Backman
- FW: is manual keying mandatory Roy Pereira
- Re: is manual keying mandatory (fwd) Robert Moskowitz
- RE: is manual keying mandatory (fwd) Rob Adams
- Re: is manual keying mandatory Steve Sneddon
- RE: is manual keying mandatory Bede McCall
- Re: is manual keying mandatory Daniel Harkins
- Re: is manual keying mandatory Bronislav Kavsan
- [Fwd: is manual keying mandatory] Bronislav Kavsan
- Re: is manual keying mandatory Theodore Y. Ts'o
- Re: is manual keying mandatory (fwd) Daniel C. Fox
- Re: is manual keying mandatory (fwd) Paul Lambert
- Re: is manual keying mandatory Steve Sneddon
- Re: is manual keying mandatory Michael Richardson
- Re: is manual keying mandatory Dave Carrel
- Re: is manual keying mandatory Bronislav Kavsan
- Re: is manual keying mandatory Bronislav Kavsan
- Re: is manual keying mandatory Dave Carrel
- RE: is manual keying mandatory Bede McCall
- Re: is manual keying mandatory EKR
- Re: is manual keying mandatory Bronislav Kavsan
- RE: is manual keying mandatory Bede McCall
- Re: is manual keying mandatory Derrell D. Piper
- Re: is manual keying mandatory Perry E. Metzger
- Re: is manual keying mandatory Bronislav Kavsan
- Re: is manual keying mandatory Steve Sneddon
- Re: is manual keying mandatory Ran Atkinson
- Re: is manual keying mandatory (fwd) Hilarie Orman