Viktor
On Thu, Jul 31, 2014 at 09:24:33PM +0100, t.p. wrote:
But on key management, I am not sure I agree with you. Yes, ECDHE
is a part of key management, but I would not think it on its own as
being key management; or put differently, you either have key
management or you do not, so 'authenticated key management'
seems to me .. well, not real. I look in vain for it in RFC2401
or RFC2828.
One tends to distinguish between key management and key agreement.
I've not previously seen ephemeral key agreement described as key
management. I don't think there is substantive ambiguity with
respect to the meaning of key management in the draft.
I've probably read (and written) more on key management over the past
35+ years,
so let's just say that we disagree on this point.
Steve