[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A pothole in ISAKMP/Oakley

To: pau@watson.ibm.com
Subject: Re: A pothole in ISAKMP/Oakley
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
Date: Tue, 15 Apr 1997 16:06:04 -0400
Address: 1 Amherst St., Cambridge, MA 02139
Cc: ho@earth.hpc.org, Dan.McDonald@Eng.sun.com, ipsec@tis.com
In-Reply-To: pau@watson.ibm.com's message of Tue, 15 Apr 1997 13:25:16 -0400,<9704151725.AA22888@secpwr.watson.ibm.com>
Phone: (617) 253-8091
Sender: owner-ipsec@ex.tis.com

   From: pau@watson.ibm.com
   Date: Tue, 15 Apr 1997 13:25:16 -0400

   Dan, the spec does say so. But if an implementation uses a montonically
   increasing counter to generate SPI's for ESP and AH, it can interop with
   others. So I think it is worthwhile to put in a safeguard.

It sounds like testing for a monotonically increasing counter would be a
good thing to put into a conformance test suite; if a implementation
dues that, it should be considered broken.  

Is this important enough that we want to put more explicit words in the
spec?  (I will note that in general, this is really about how much we
trust the intelligence and/or competence of the implementors that come
after us.  There are certainly those who believe we shouldn't trust
their competence at all --- although if that's really true, the
situation is probably hopeless.)

						- Ted

References:

Re: A pothole in ISAKMP/Oakley

From: pau@watson.ibm.com

Prev by Date: Re: A pothole in ISAKMP/Oakley
Next by Date: Another pothole in ISAKMP/Oakley
Prev by thread: Re: A pothole in ISAKMP/Oakley
Next by thread: Re: A pothole in ISAKMP/Oakley
Index(es):
- Main
- Thread