On Mon, August 1, 2011 9:11 am, Paul Hoffman wrote:
> On Aug 1, 2011, at 7:42 AM, Tero Kivinen wrote:
>> I have stated my reasons why I consider allocating multiple payload
>> numbers etc for exactly same thing a bad thing.
>
> The three proposals do not do "exactly the same thing": they each have
> different cryptographic and administrative properties. This has been
> widely discussed in the WG.
Yes, they do do "exactly the same thing": they all implement a zero knowledge proof to authenticate the peers using a simple password. They use cryptography differently to achieve that same result, but that doesn't mean the "cryptographic properties" are different; they're not. The cryptographic property that the exchanges have is resistance to off-line dictionary attack, i.e. the advantage an attacker gains is through interaction and not computation.

Administrative differences? They all use the same D-H group used in IKE and they all need to be provisioned with a password. No difference there either.

If these drafts had some different properties, or were different in any meaningful and technical way, then we'd have a "winner" already. But we don't, and that's because they do the same thing and have the same properties. All we have to show for those delays and the capricious process imposed on the WG is an implementation problem-- 3 ways of doing the same thing.

Dan.
