Re: IPsec +- Perfect Forward Secrecy

2004-12-05 Thread John Denker
OK, let me ask a more specific question. Actually, let me put forth some hypotheses about how I think it works, and see if anyone has corrections or comments. 0) I'm not sure the words Perfect Forward Secrecy convey what we mean when we talk about PFS. Definition 12.16 in HAC suggests

Re: IPsec +- Perfect Forward Secrecy

2004-12-05 Thread Ariel Shaqed (Scolnicov)
Eric Rescorla writes: John Denker writes: Eric Rescorla wrote: Uh, you've just described the ephemeral DH mode that IPsec always uses and SSL provides. I'm mystified by the word always there, and/or perhaps by the definition of Perfect Forward

Re: IPsec +- Perfect Forward Secrecy

2004-12-01 Thread Eric Rescorla
John Denker writes: Eric Rescorla wrote: Uh, you've just described the ephemeral DH mode that IPsec always uses and SSL provides. I'm mystified by the word always there, and/or perhaps by the definition of Perfect Forward Secrecy. Here's the dilemma: On the one hand, it