"ISAKMP" flaws?
bear
bear at sonic.net
Sat Nov 19 21:03:18 EST 2005
On Sat, 19 Nov 2005, Peter Gutmann wrote:
>- The remaining user base replaced it with on-demand access to network
> engineers who come in and set up their hardware and/or software for them and
> hand-carry the keys from one endpoint to the other.
>
> I guess that's one key management model that the designers never
> anticipated... I wonder what a good name for this would be, something better
> than the obvious "sneakernet keying"?
Actually this is a good thing. Separation of the key distribution channel
from the flow of traffic encrypted under those keys. Making key distribution
require human attention/intervention. This is treating key distribution
seriously, and possibly for the first time in the modern incarnation of the
industry.
Bear
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list