
Re: (IPng) Re: out-of-band key management




> From: Ran Atkinson <rja@bodhi.itd.nrl.navy.mil>
> 
>   I find it REALLY fascinating that Dan Nessett and Ashar Aziz now
> agree that they in fact don't need a Structured SAID and that they
> can get along fine with having a single SAID dedicated to mean
> that "what comes next is a special in-band thingy".
> 
>   I note that this capability is -- and has for many months --
> been in the IPv6 specs.  There is an entire block of reserved
> SAIDs for IANA to allocate as IANA sees fit.  No changes to the
> specs are needed for this as the hook was ALREADY present in
> the IPv6/IPv4 security specs.

Ran,

Does this mean that you agree that the following text should be
taken out from Section 4 of the "IPv6 Security Architecture" document?

   "IPv6 is not intended to support so-called "in-band" key management, where 
   the key management data is carried in a distinct IPv6 header.  Instead 
   it will primarily use so-called "out-of-band" key management, where the key
   management data will be carried by an upper layer protocol such as UDP
   or TCP on some specific port number."


Regards,
Ashar.

