Summarizing what I said in the meeting: (1) The performance criteria should include performance with large complex secrets (e.g., pre-shared keys), not just the smaller passwords that people can reasonably be expected to remember.
This is because a password-based authentication mechanism may be usefully applied to shared secret authentication implementations that derive a supposedly strong secret solely from a password (see the discussion of pre-shared key authentication in Section 2.15 of RFC 4306). Password-based authentication would provides some defense against this and other key generation weaknesses. The original password that was used to generate the shared secret may no longer be available, so good performance on large complex secrets would enable password based authentication to use the derived (supposedly strong) secret as the password. (2) Management (e.g., password change, password policy) is not mentioned in the criteria document. This is good. Keeping management orthogonal (i.e., out of scope of this criteria discussion) is (IMHO) a good thing, as management techniques and requirements may vary widely across classes of implementations. Thanks, --David ---------------------------------------------------- David L. Black, Distinguished Engineer EMC Corporation, 176 South St., Hopkinton, MA 01748 +1 (508) 293-7953 FAX: +1 (508) 293-7786 black_da...@emc.com Mobile: +1 (978) 394-7754 ---------------------------------------------------- _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
