Re: Remove little-used algorithms from IKEv2

Henry Spencer <henry@spsystems.net> Fri, 15 March 2002 05:06 UTC

Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g2F568407079; Thu, 14 Mar 2002 21:06:08 -0800 (PST)
Received: by lists.tislabs.com (8.9.1/8.9.1) id XAA08916 Thu, 14 Mar 2002 23:34:06 -0500 (EST)
Date: Thu, 14 Mar 2002 23:45:02 -0500
From: Henry Spencer <henry@spsystems.net>
To: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
cc: ipsec@lists.tislabs.com
Subject: Re: Remove little-used algorithms from IKEv2
In-Reply-To: <p05101419b8b725b9a370@[165.227.249.20]>
Message-ID: <Pine.BSI.3.91.1020314234407.19297A-100000@spsystems.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk

On Thu, 14 Mar 2002, Paul Hoffman / VPNC wrote:
> >...I think PGP certificates and maybe raw RSA keys are
> >both reasonable as well.
> 
> ...and bare RSA keys have fewer security features that PKIX certs.

Some think that having fewer features is an advantage, not a problem.

                                                          Henry Spencer
                                                       henry@spsystems.net