[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Deafening Silence



-----BEGIN PGP SIGNED MESSAGE-----





>
> There is a effort to get underway a ISAKMP-OAKLEY interoperability
> event set 
> up for early January 1997.  Details are being worked out now and
> will
> be posted to the list. The current thought is  to have a engineering
> focused event centered on ISAKMP-OAKLEY interoperation where
> developers could work out the kinks. Perhaps other areas in IPSEC
> could also be covered time and interest permiting.
>

I would be curious to know who is implementing ISAKMP/Oakley
at this point (who could interoperate in Jan/97)?

I know about CISCO which implemented an EXTREMELY cut down
ISAKMP/Oakley version which does not support the general framework
very well. Using the name draft-ietf-ipsec-isakmp-oakley is kind of
misleading, I think. I agree with an earlier posting, that the
required ISAKMP/Oakley part has to be smaller than the whole
framework. But I think there are ways to restrict ISAKMP/Oakley
without unnecessarily complicating the not required case. 
  
The DOD implemented ISAKMP (Did they also do Oakley?).

I implemented a key exchange framework which should handle the
complete ISAKMP/Oakley framework. At this point, however, my
implementation is still too unstable to be released to the general
public and incomplete in a sense that not all features are implemented 
at this point. 

I also think that the drafts are not concrete enough so that 2
implementer would come up with interoperable implementations.
(I mean the ISAKMP and Oakley drafts not the
draft-ietf-ipsec-isakmp-oakley.)
I am working on a more detailed list of comments. I already mentioned
some of the bugs on this or the isakmp oakley mailing list and a fix
was promised for the next draft. 

Which drafts are considered as standards? I hope the ISAKMP and the
Oakley draft NOT the draft-ietf-ipsec-isakmp-oakley.


Oliver

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBMlx0mTnVPgUZ7uZJAQGBHwP+NOT3qcG4TUUDYY+x8x5TT34gSYvXetdQ
leDwGZzfKFBGwCdB4O9mEbTOAOND1dphTIcJcxWk/ObjGKkeaDKMC8hJckfQRFIM
3f3FkKYV3gKagWMF2GCYcdo+KqLhgdz9DnoluMI0fBIo3ipA5Advo3BWlcgBvIox
I26Hc3h18Kw=
=VhQ4
-----END PGP SIGNATURE-----



References: