potential new IETF WG on anonymous IPSec

Zooko O'Whielacronx zooko at zooko.com
Sun Sep 12 05:18:25 EDT 2004

On 2004, Sep 11, , at 17:20, Sandy Harris wrote:

> Zooko O'Whielcronx wrote:
>> I believe that in the context of e-mail [1, 2, 3, 4] and FreeSWAN  
>> this is called "opportunistic encryption".
> That is certainly not what FreeS/WAN meant by "opportunistic  
> encryption".
> http://www.freeswan.org/freeswan_trees/freeswan-1.99/doc/ 
> glossary.html#carpediem

That link leads to the following definition: "A situation in which any  
two IPsec-aware machines can secure their communications, without a  
pre-shared secret and without a common  PKI or previous exchange of  
public keys. This is one of the goals  of the Linux FreeS/WAN project,  
discussed in our introduction section. Setting up for opportunistic  
encryption is described in our  configuration document."

This definition is indeed consistent with the concept that we are  

If FreeS/WAN's implementation boils down to using DNS as a common PKI  
that is too bad, but their definition (which explicitly excludes a  
common PKI) seems to be the same as mine.

This concept is too important to go without a name.  Currently the best  
way to tell your interlocutor what concept you are talking about seems  
to be "you know, the way SSH does it, with the  
first-time-unauthenticated public key exchange....".  I heartily  
approve of Peter Gutmann's suggestion to write an RFC for it.



The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list