To:
rshockey@ix.netcom.com (Richard Shockey)
Cc:
jakob@crt.se, keydist@cafax.se
From:
Bill Manning <bmanning@isi.edu>
Date:
Fri, 4 Oct 2002 20:41:37 -0700 (PDT)
In-Reply-To:
<5.1.0.14.2.20021004173210.024ae6a0@popd.ix.netcom.com> from Richard Shockey at "Oct 4, 2 05:41:15 pm"
Sender:
owner-keydist@cafax.se
Subject:
Re: I intend to have a document ready for Atlanta on this subject.
% At 10:47 PM 10/4/2002 +0200, you wrote: % >On Fri, 4 Oct 2002, Richard Shockey wrote: % > % > > It would seem that a IPsec only solution would miss a useful opportunity % > > to address the larger problem. % > % >are we sure we really have to solve the larger problem? by starting to % >solve small problems, I believe we have a better chance of succeeding. % % I can accept that . The IPsec issue is interesting, important and probably % looks like the general case of application specific key discovery in a % microcosm. actually, the ipsec instance is nearly unique in the context of application specific key discovery. it dovetails nicely with the existing reverse tree and is tied to IP, which is "under" transport. I don't think of IP as an application that I invoke. Applications are things like kerberos, ssh, mail, etc. All of those sit much higher in the stack than IP. % Richard Shockey, Senior Manager, Strategic Technology Initiatives --bill