[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: E2E and crypto-agility

To: "'Alan DeKok'" <aland@nitros9.org>
Subject: RE: E2E and crypto-agility
From: "Glen Zorn" <glenzorn@comcast.net>
Date: Thu, 3 Jan 2008 17:14:06 -0800
Cc: <Bernard_Aboba@hotmail.com>, <radiusext@ops.ietf.org>
In-reply-to: <477D6E52.60602@nitros9.org>
References: <tslabo4d851.fsf@mit.edu> <BAY117-W1792E6240C29062FF9B6F2935F0@phx.gbl> <47729414.9070608@nitros9.org> <BAY117-DS17BF5949D5EDD59B29614935B0@phx.gbl> <47737D1C.5050208@nitros9.org> <00b101c84e5c$f7e0c600$e7a25200$@net> <477D6E52.60602@nitros9.org>

Glen Zorn wrote:
> It's hard to see how this solves any known problem.  We already know how
te
> secure the key on the wire; the only problem is with evil proxies.

  Um... if you don't trust the proxies, why are you letting them control
access to your network?
[gwz] 
The only purpose of which I'm aware for e2e encryption in RADIUS is the
hiding of the encrypted things from proxies.
[/gwz]

...

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- Re: E2E and crypto-agility
  - From: Alan DeKok <aland@nitros9.org>

References:
- RE: E2E and crypto-agility
  - From: "Glen Zorn" <glenzorn@comcast.net>
- Re: E2E and crypto-agility
  - From: Alan DeKok <aland@nitros9.org>

Prev by Date: RE: [HOKEY] Review of draft-gaonkar-radext-erp-attrs-02.txt
Next by Date: RE: [HOKEY] Review of draft-gaonkar-radext-erp-attrs-02.txt
Previous by thread: Re: E2E and crypto-agility
Next by thread: Re: E2E and crypto-agility
Index(es):
- Date
- Thread