how bad is IPETEE?
Eric Rescorla
ekr at networkresonance.com
Thu Jul 10 13:17:54 EDT 2008
At Thu, 10 Jul 2008 18:10:27 +0200,
Eugen Leitl wrote:
>
>
> In case somebody missed it,
>
> http://www.tfr.org/wiki/index.php?title=Technical_Proposal_(IPETEE)
>
> I'm not sure what the status of http://postel.org/anonsec/
> is, the mailing list traffic dried up a while back.
This is the first I have heard of this.
That said, some initial observations:
- It's worth asking why, if you're doing per-connection keying,
it makes sense to do this at the IP layer rather than the
TCP/UDP layer.
- Why not simply use TLS or DTLS?
- The uh, novel nature of the cryptographic mechanisms is
pretty scary. Salsa-20? AES-CBC with implicit IV?
A completely new cryptographic handshake? Why not use
IPsec?
- A related idea was proposed a while back (by Lars Eggert,
I believe). See S 6.2.3.1 of:
https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tcp-auth-arch.txt
-Ekr
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list