[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comment on the ISAKMP/Oakley resolution draft (pre-shared)



After thinking about the issue some more and discussing it with
my coworkers, we're willing to go with the workaround proposed
by Pau-Chen, Dan and Hugo (i.e., using an opaque identifier in
Oakley Aggressive Mode to find the correct pre-shared key).
Thanks for the suggestion, guys...

One possibility that Hugo mentioned in one of his messages:
> In order to accomodate this key identifier one needs an
> "Identifiction Type Value" as defined in the Ipsec DOI
> (draft-ietf-ipsec-ipsec-doi-02.txt).
> This can be one of the "private" values to be agrred upon by the
> communicating parties, or we could have a type value (say 7) added in
> that draft for "ID_KEY".
> If there is no opposition to do so I would suggest this mininal editorial
> change to the DOI draft.

Ideally, I too would like to see an "official" value designated in
the DOI draft, if it's possible.  But I'm willing to live with a
private value if we have to...

-Shawn Mamros
E-mail to: smamros@newoak.com


Follow-Ups: References: