[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

More inadequacies in draft-ietf-ipsec-ipsec-doi-03.txt...

To: ipsec@tis.com
Subject: More inadequacies in draft-ietf-ipsec-ipsec-doi-03.txt...
From: Ben Rogers <ben@Ascend.COM>
Date: Mon, 8 Sep 1997 23:14:16 -0400 (EDT)
Reply-To: ben@Ascend.COM (Ben Rogers)
Sender: owner-ipsec@ex.tis.com


>From draft-ietf-ipsec-isakmp-08.txt:

    2.1 ISAKMP Terminology

    ...

    Security Parameter Index (SPI) An identifier for a Security Assocation,
    relative to some security protocol.  Each security protocol has its own
    ``SPI-space''.  A (security protocol, SPI) pair may uniquely identify an
    SA. The uniqueness of the SPI is implementation dependent, but could be
    based per system, per protocol, or other options.  Depending on the DOI,
    additional information (e.g.  host address) may be necessary to identify
    an SA. The DOI will also determine which SPIs (i.e.  initiator's or re-
    sponder's) are sent during communication.

Curiously the DOI does not define this.

Has anyone been able to produce interoperable code without using the
reference implementation?


ben

Follow-Ups:

Re: More inadequacies in draft-ietf-ipsec-ipsec-doi-03.txt...

From: Daniel Harkins <dharkins@cisco.com>

Prev by Date: Re: Certification/Endpoint Identification
Next by Date: Re: Slicing and dicing
Prev by thread: Re: More inadequacies in draft-ietf-ipsec-ipsec-doi-03.txt...
Next by thread: Re: More inadequacies in draft-ietf-ipsec-ipsec-doi-03.txt...
Index(es):
- Main
- Thread