[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on draft-ietf-ipsec-ike-01.txt (long)

To: Dan Harkins <dharkins@xxxxxxxxxxxxxxxxxxx>
Subject: Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
From: "Derrell D. Piper" <ddp@xxxxxxxxxxxxxxxxxxx>
Date: Thu, 03 Jun 1999 09:38:54 -0700
Cc: Paul Koning <pkoning@xxxxxxxxx>, ipsec@xxxxxxxxxxxxxxxxx
In-reply-to: Your message of "Wed, 02 Jun 1999 14:09:07 PDT." <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

>   So let me ask the entire working group: should vendors be prohibited from
> accepting a key length greater than what they have configured? Should they
> be prohibited from accepting a stronger group? 

Absolutely not and I'd go so far as to make it a SHOULD instead of a MAY.

We're trying to design good security, not workarounds for bad implementations.

Derrell

Follow-Ups:
- Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
  - From: Joe Tardo
- Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
  - From: Paul Koning

References:
- Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
  - From: Dan Harkins

Prev by Date: Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
Next by Date: Re: A question on SA establishment in RFC 2408
Previous by thread: Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
Next by thread: Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
Index(es):
- Date
- Thread