[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: comments on minutes

To: "Linn, John" <jlinn@xxxxxxxxxxxxxxx>
Subject: Re: comments on minutes
From: Stephen Farrell <stephen.farrell@xxxxxxxxxxxx>
Date: Fri, 30 Mar 2001 16:27:38 +0100
Cc: "'Tom Wu'" <tom@xxxxxxxxx>, Radia Perlman - Boston Center for Networking <Radia.Perlman@xxxxxxx>, ietf-sacred@xxxxxxx
List-archive: <http://www.imc.org/ietf-sacred/mail-archive/>
List-id: <ietf-sacred.imc.org>
List-unsubscribe: <mailto:ietf-sacred-request@imc.org?body=unsubscribe>
Organization: Baltimore Technologies Ltd.
References: <>
Reply-to: stephen.farrell@xxxxxxxxxxxx
Sender: owner-ietf-sacred@xxxxxxxxxxxx

John,

I think that's fine for the purposes of the minutes.

Stephen.

"Linn, John" wrote:
> 
> For minutes purposes, I've now converged to the following draft pair of
> paragraphs. Is this generally acceptable?
> 
> Magnus presented a table comparing the alternatives relative to four
> metrics: client CPU requirements, number of communications roundtrips, level
> of security, and ease of implementation. Each of DH-EKE, SPEKE, and SRP were
> considered as neutral in terms of all of these areas. In discussion, PDM was
> considered weaker in terms of client CPU requirements, but better in terms
> of server CPU requirements than EKE, SPEKE, or SRP, assuming use of a
> shorter modulus for PDM. PDM can be done in one round trip with stateless
> server operation, whereas SRP and the versions of EKE and SPEKE augmented
> not to require storing a password-equivalent at the server requires a
> 4-message exchange. OTP was considered stronger in terms of client CPU
> requirements, numbers of roundtrips, and ease of implementation, but weaker
> in security.
> 
> Radia Perlman (Sun) argued that DH-EKE's and SPEKE's augmented modes, which
> avoid storage of password-equivalent data at servers, incur overhead that is
> unnecessary in the SACRED application. She noted, further, that this
> overhead is intrinsic to SRP.  Stephen Farrell asked whether the WG should
> concentrate on one of the first four, or instead emphasize OTP schemes,
> noting that (unlike the other approaches) OTP doesn't generate a key or
> authenticate the server.  Tim Polk (NIST) commented that it didn't appear
> that requirements had been agreed sufficiently to support selection of an
> algorithm.  A straw poll was taken on algorithm selection, but its results
> were inconclusive.  The question will be revisited on the mailing list.
> 
> --jl

-- 
____________________________________________________________
Stephen Farrell         				   
Baltimore Technologies,   tel: (direct line) +353 1 881 6716
39 Parkgate Street,                     fax: +353 1 881 7000
Dublin 8.                mailto:stephen.farrell@xxxxxxxxxxxx
Ireland                             http://www.baltimore.com

References:
- RE: comments on minutes
  - From: Linn, John

Prev by Date: RE: comments on minutes
Next by Date: RE: comments on minutes
Previous by thread: RE: comments on minutes
Next by thread: Re: comments on minutes
Index(es):
- Date
- Thread