[19018] in cryptography@c2.net mail archive
Re: "ISAKMP" flaws?
daemon@ATHENA.MIT.EDU (bear)
Wed Nov 30 10:22:20 2005
X-Original-To: cryptography@metzdowd.com
Date: Sat, 19 Nov 2005 18:03:18 -0800 (PST)
From: bear <bear@sonic.net>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Cc: cryptography@metzdowd.com, wsimpson@greendragon.com
In-Reply-To: <E1EdJSI-0007QG-00@medusa01.cs.auckland.ac.nz>
On Sat, 19 Nov 2005, Peter Gutmann wrote:
>- The remaining user base replaced it with on-demand access to network
> engineers who come in and set up their hardware and/or software for them and
> hand-carry the keys from one endpoint to the other.
>
> I guess that's one key management model that the designers never
> anticipated... I wonder what a good name for this would be, something better
> than the obvious "sneakernet keying"?
Actually this is a good thing. Separation of the key distribution channel
from the flow of traffic encrypted under those keys. Making key distribution
require human attention/intervention. This is treating key distribution
seriously, and possibly for the first time in the modern incarnation of the
industry.
Bear