[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[anonsec] Propose dropping asymmetric CBB

From: hartmans-ietf at mit.edu (Sam Hartman)
Date: Mon, 20 Mar 2006 18:06:34 -0500
In-reply-to: <441F2A6A.2090306 at isi.edu> (Joe Touch's message of "Mon, 20 Mar 2006 14:19:22 -0800")
References: <20060320214906.96311E0053 at carter-zimmerman.mit.edu> <441F2A6A.2090306 at isi.edu>

>>>>> "Joe" == Joe Touch <touch at ISI.EDU> writes:

    Joe> Should it be included as a variant for completeness, but the
    Joe> lack of currently known utility / motivation noted?

No, because I think it has security problems and I don't want to spend
the effort doing analysis unless we have a justification for that
work.



Let me make sure I understand what you mean though.  You consider this
the case where one side verifies the channel binding but the other
side does not, not the case where you use channel bindings but one
side has full IKE, right?

Follow-Ups:
- [anonsec] Propose dropping asymmetric CBB
  - From: Joe Touch

References:
- [anonsec] Propose dropping asymmetric CBB
  - From: Sam Hartman
- [anonsec] Propose dropping asymmetric CBB
  - From: Joe Touch

Prev by Date: [anonsec] Propose dropping asymmetric CBB
Next by Date: [anonsec] Propose dropping asymmetric CBB
Previous by thread: [anonsec] Propose dropping asymmetric CBB
Next by thread: [anonsec] Propose dropping asymmetric CBB
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.