[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A problem with public key encrption in IKE

To: francisco_corella@xxxxxx
Subject: Re: A problem with public key encrption in IKE
From: Stephen Kent <kent@xxxxxxx>
Date: Tue, 14 Dec 1999 15:38:07 -0500
Cc: ipsec@xxxxxxxxxxxxxxxxx
In-reply-to: <>
References: <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

Francisco,

Whether a signature provides a basis for non-repudiation depends on the details of the generation process. Note that in the case of IPsec, at most one might be able to prove that a peer initiated an SA, but the signature applied during the IKE exchange would not say anything about what data was sent on the SAs later. So, while I like the use of signatures for IKE authentication, I would not argue too strongly for them based on any non-repudiation basis.

Steve

References:
- Re: A problem with public key encrption in IKE
  - From: francisco_corella

Prev by Date: fqdn and trailing dot in IDs
Next by Date: Re: PGP keys in IKE
Previous by thread: Re: A problem with public key encrption in IKE
Next by thread: Re: A problem with public key encrption in IKE
Index(es):
- Date
- Thread