[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Altenatives for IKE and legacy user authentication combinations



"Steven M. Bellovin" wrote:
>
> It's far from clear to me that you're right; my point is that from an
> architectural perspective, it doesn't matter.  Even if there is no reuse, a
> solution independent of IKE is the right answer.  Supporting these other
> scenarios strengthens an already-strong case, in my opinion.
> 
With this, I agree.  I think it would be hard for us, if we use an
  OOB mechanism that can deliver certs, to build a system that didn't
  naturally support reuse.

-- 
----------------------------------------------------------------------
Marcus Leech                             Mail:   Dept 8M70, MS 012, FITZ
Systems Security Architect               Phone: (ESN) 393-9145  +1 613 763 9145
Security and Internet Solutions          Fax:   (ESN) 395-1407  +1 613 765 1407
Nortel Networks                          mleech@xxxxxxxxxxxxxxxxxx
-----------------Expressed opinions are my own, not my employer's------