Hello, There appears to be something/someone looping messages back to the list. I've received multiple copies of several mails, many of them with a double mailing-list advertisement below.
On Mon, 10 Jun 2002, Steven M. Bellovin wrote: > In message <002f01c210af$df9ec240$246015ac@T23KEMPF>, "James Kempf" writes: > >Hi Steve, > > > >> >Key distribution could be done via Layer 2 AAA or using the roaming > >> >consortia idea we had in the ABK draft. However, I think that might > >> >require some change in IPsec policy, because I believe the policy > >only > >> >allows IKE or manual keying for key distribution. > >> > >> That's not correct. In fact, there's another working group, KINK, > >> whose goal is Kerberos key management for IPsec. > >> > > > >Thanx for the correction. > > > >So is it the case then that there would be no change in IPsec policy > >required for doing AAA-based or roaming consortia-based key management? > >Is so, then perhaps this problem is fairly straightforward to solve. > > Well, as straight-forward as any key management issue... > > But the word "policy" is important; there's a lot more to setting up an > IPsec than key exchange. Deciding exactly what to encrypt and how has > to be negotiated, imposed, or otherwise agreed-upon. > > --Steve Bellovin, http://www.research.att.com/~smb (me) > http://www.wilyhacker.com ("Firewalls" book) > > > -------------------------------------------------------------------- > IETF IPng Working Group Mailing List > IPng Home Page: http://playground.sun.com/ipng > FTP archive: ftp://playground.sun.com/pub/ipng > Direct all administrative requests to [EMAIL PROTECTED] > -------------------------------------------------------------------- > -------------------------------------------------------------------- > IETF IPng Working Group Mailing List > IPng Home Page: http://playground.sun.com/ipng > FTP archive: ftp://playground.sun.com/pub/ipng > Direct all administrative requests to [EMAIL PROTECTED] > -------------------------------------------------------------------- > -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
