re: SKIP source release is out
Doug Hughes writes: [ Perry Metzger writes: ]
SKIP is a non-standard being pushed by Sun.
Correct me if I'm wrong, but isn't Sun trying to make it a standard (in competition with Photuris)?
Doug, you are correct. SKIP is an IPSEC internet draft. Photuris is an IPSEC internet draft. Perry is incorrect in saying that SKIP is a non-standard. Both of the chairs of the IPSEC group have said SKIP is part of the IPSEC working group. Phil Karn (author of Photuris) has also said this. Both SKIP and Photuris are on the standards track. They are, as you indicated, "competing" protocols.
The IETF has many sorts of standards. It explicitly has a way to standardize things that the IETF doesn't think are a good idea but which should have the ability to interoperate if you do them.
That's true, but SKIP is not in that category. I believe neither SKIP nor Photuris has been declared "mandatory" as of this point. They both have the same status in IPSEC.
My opinion is that it is fairly clear that Photuris is the key management system people will be using, although it is going to have to evolve to work with a real network wide certificate database infrastructure. SKIP isn't going to be the standard.
Again, in *your* opinion. No determination has been made that I know of.
--tom
Tom Markson writes:
Doug Hughes writes: [ Perry Metzger writes: ]
SKIP is a non-standard being pushed by Sun.
Correct me if I'm wrong, but isn't Sun trying to make it a standard (in competition with Photuris)?
Doug, you are correct. SKIP is an IPSEC internet draft. Photuris is an IPSEC internet draft. Perry is incorrect in saying that SKIP is a non-standard. Both of the chairs of the IPSEC group have said SKIP is part of the IPSEC working group.
Yes, and I believe that it has also been made pretty clear that you have a snowball's chance in hell of getting SKIP to be a first class standard. Anything can be part of the IPSEC working group if it insists, you know. Anyone can publish an RFC, too.
Phil Karn (author of Photuris) has also said this.
Other people are substantially more diplomatic than me.
Both SKIP and Photuris are on the standards track.
No, I think that SKIP is pretty clearly headed, at best, to elective. It isn't ever going to be a standard, period.
The IETF has many sorts of standards. It explicitly has a way to standardize things that the IETF doesn't think are a good idea but which should have the ability to interoperate if you do them.
That's true, but SKIP is not in that category.
Think what you like.
My opinion is that it is fairly clear that Photuris is the key management system people will be using, although it is going to have to evolve to work with a real network wide certificate database infrastructure. SKIP isn't going to be the standard.
Again, in *your* opinion. No determination has been made that I know of.
Actually, Ran pretty much explicitly said in Danvers that we were headed towards Photuris and Photuris-like protocols. I know he's a bit more diplomatic about how he says such things, but again, I think that the situation is fairly clear, no matter what you guys choose to tell the trade press.
Perry
participants (2): markson@osmosys.incog.com, Perry E. Metzger