
BAD_ID_RANGE Notification per Oakley



Oakley ver-04 still contains this text (in 5.4 Phase 2 - Quick Mode, a
couple of paragraphs from the end, immediately before the description of
negotiating multiple SA's):

    [ .. ]If an ID range
    (see Appendix A of [Pip96]) is not acceptable (for example, the
    specified subnet is too large) a BAD_ID_RANGE notify message followed
    by an acceptible ID range, in an ID payload, MUST be sent.

Someone pointed out on the list a while ago that the provisions for
notification of bad address are no longer in the ISAKMP spec.  Is this
"MUST" in Oakley meant to stand or should we expect it to go away?

- John Burke,
  Cylink, Sunnyvale, CA