Re: potential new IETF WG on anonymous IPSec

2004-09-10 Thread Zooko O'Whielcronx
On 2004, Sep 09, , at 16:57, Hal Finney wrote:
> To clarify, this is not really anonymous in the usual sense.  Rather it
> is a proposal for an extension to IPsec to allow for unauthenticated
> connections.  Presently IPsec relies on either pre-shared secrets or a
> trusted third party CA to authenticate the connection.  The new proposal
> would let connections go forward using a straight Diffie-Hellman type
> exchange without authentication.
> ...
> I don't think anonymous is the right word for this, and I hope the
> IETF comes up with a better one as they go forward.

I believe that in the context of e-mail [1, 2, 3, 4] and FreeSWAN this
is called opportunistic encryption.

Regards,
Zooko
[1] http://www.templetons.com/brad/crypt.html
[2] http://bitconjurer.org/envelope.html
[3] http://pps.sourceforge.net/
[4] http://www.advogato.org/article/391.html

