
Re: "in-band" is wrong idea/terminology



> From: "William Allen Simpson" <bsimpson@morningstar.com>
> However, it would certainly be reasonable for the key management
> protocol to negotiate the use of a security transform which carries
> these parasitic key changes.

Yes, this was my initial understanding as well. Perry, this is why
I said at the Toronto meeting that I did not have problems with
what had been discussed, because it did not strike me then that this 
had been precluded.

However, I believe that parasitic is the wrong word. BTW, there
are not going to be any more problems with fragmentation etc., as the
effect of the keys is not random. It is just as predictable as the
effect of the IVs that are in the packet, and which also causes the
packets to increase in size.

> > If not, then I believe that
> > there is merit in detailing how to indicate in-band keys in the protocol.
> 
> You are certainly welcome to write up alternative security transforms
> for our enlightenment.

I certainly don't have any problems with this. However, I believe that
the base document needs to explicitly accommodate this case, and the
1 bit from the SAID field as Hugo suggested is the right way to do this.
I can offer sample text for that as well.

Ashar.