[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ESP revisions straw poll



Dan,

I was not able to attend the WG meeting.  I do not know what fraction
of the WG was there.  I suspect that there are many more WG members
than I have seen responded to the straw poll.

> But are you willing to accept the wishes of the working group which may
> be at odds with yours (collectively, that is, as a member of the "IPSEC
> Document Editing Team")?

Sure I'm willing to accept the wishes of the working group for IETF
standards.  Many folk contribute ideas that do not end up in
standards, but which help to make the things that get standardized
better.  Maybe seeing the usefulness of an authentication mechanism
that does not require predicting what a packet will look like the
future is one of those ideas; maybe not.  Time and the customers will
decide.

For example, a couple minor changes to the IP Routing Extension Header
would have made it trivial to process/forward and secure.  But for
whatever reason it was not done and now we have to spend the cycles
living with it (making AH processing more complex), or changing the
spec, based on implementation experience, as it works its way through
the standardization process.  It is a lot easier for all concerned if
we can get it right, or as close to right as we can collectively
achieve, the first time around.

Needless to say, I would like to use as much of the IPSec work as
possible as a basis for code I, and probably a lot of other folk with
customers, have to deliver Real Soon Now, and not have to reinvent
some of the wheel.

Charlie
BTW, if it was not clear that my comments are my own as an
implementer, let me clarify that now.  I was not speaking as a member
of the "IPSEC Document Editing Team" when I responded to the straw poll.


Follow-Ups: