[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Altenatives for IKE and legacy user authentication combinations

To: "Steven M. Bellovin" <smb@xxxxxxxxxxxxxxxx>
Subject: Re: Altenatives for IKE and legacy user authentication combinations
From: "Marcus Leech" <mleech@xxxxxxxxxxxxxxxxxx>
Date: Thu, 10 Feb 2000 10:50:58 -0500
Cc: Sara Bitan <sarab@xxxxxxxxxxxx>, ipsra <ietf-ipsra@xxxxxxxx>
List-archive: <http://www.vpnc.org/ietf-ipsra/mail-archive/>
List-id: <ietf-ipsra.vpnc.org>
List-unsubscribe: <mailto:ietf-ipsra-request@vpnc.org?body=unsubscribe>
References: <>
Sender: owner-ietf-ipsra@xxxxxxxxxxxxx

"Steven M. Bellovin" wrote:
>
> It's far from clear to me that you're right; my point is that from an
> architectural perspective, it doesn't matter.  Even if there is no reuse, a
> solution independent of IKE is the right answer.  Supporting these other
> scenarios strengthens an already-strong case, in my opinion.
> 
With this, I agree.  I think it would be hard for us, if we use an
  OOB mechanism that can deliver certs, to build a system that didn't
  naturally support reuse.

-- 
----------------------------------------------------------------------
Marcus Leech                             Mail:   Dept 8M70, MS 012, FITZ
Systems Security Architect               Phone: (ESN) 393-9145  +1 613 763 9145
Security and Internet Solutions          Fax:   (ESN) 395-1407  +1 613 765 1407
Nortel Networks                          mleech@xxxxxxxxxxxxxxxxxx
-----------------Expressed opinions are my own, not my employer's------

References:
- Re: Altenatives for IKE and legacy user authentication combinations
  - From: Steven M. Bellovin

Prev by Date: Re: A new charter
Next by Date: Re: Altenatives for IKE and legacy user authentication combinations
Previous by thread: Re: Altenatives for IKE and legacy user authentication combinations
Next by thread: Re: Altenatives for IKE and legacy user authentication combinations
Index(es):
- Date
- Thread