ietf
[Top] [All Lists]

Re: [saag] Last Call: <draft-dukhovni-opportunistic-security-01.txt> (Opportunistic Security: some protection most of the time) to Informational RFC

2014-07-31 17:33:04
On Thu, Jul 31, 2014 at 09:24:33PM +0100, t.p. wrote:

But on key management, I am not sure I agree with you.  Yes, ECDHE
is a part of key management, but I would not think it on its own as
being key management; or put differently, you either have key
management or you do not, so 'authenticated key management'
seems to me .. well, not real.  I look in vain for it in RFC2401
or RFC2828.

One tends to distinguish between key management and key agreement.
I've not previously seen ephemeral key agreement described as key
management.  I don't think there is substantive ambiguity with
respect to the meaning of key management in the draft.

-- 
        Viktor.