RE: ISAKMP SA negotiation

[Jim Hoagland <Jim_Hoagland@ccm.jf.intel.com>]

Text item: Text Item


This does seem a bit strange.  The initiator could just send out its favorite
proposal and test for a response.  The responder could wait until it sees its
favorite proposal and perhaps accept a proposal it once rejected.  If the
initiator and the responder were being very competative and selfish, one could
image the parties holding out on accepting proposals until it gets what it
wants, playing a variant on the game of chicken.  How would one prevent this?

-----Original Message-----
From:   owner-ipsec@portal.ex.tis.com 
Sent:   Tuesday, July 01, 1997 1:53 PM
To:     ipsec@tis.com
Subject:        Re: ISAKMP SA negotiation

> That might be what you'd do but my implmementation chooses P2. In the
> example, B has his own policy priority settings; he wants P2 over P1.
> In fact, if A offered P1, P2, P3, P4 and B wanted P4, P2, P1, P3, B
> would select P4. I never let someone else override my local policy. It
> was set like that for a reason.

And what was that reason? :-)

If A offered P1, you'd select P1.
If A offered P2, you'd select P2.
If A offered P3, you'd select P3.
But if A offered P1,P2,P3,P4 you'd select P4.

---

Follow-Ups:

• RE: ISAKMP SA negotiation
• From: Rodney Thayer <rodney@sabletech.com>

---

• Prev by Date: RE: SA negotiation
• Next by Date: [Steve Deering: state of IPsec specs]
• Prev by thread: Re: ISAKMP SA negotiation
• Next by thread: RE: ISAKMP SA negotiation
• Index(es):
  • Main
  • Thread