[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Ordering of payloads



Daniel Harkins writes:
>   Ben,
> 
> > Any reason we don't mandate that the SA be the first payload for
> > aggressive mode exchanges?  Until we parse the SA payload, we have no
> > idea what to do with any of the others in that packet.  It seems that we
> > are making the packet needlessly difficult to parse if the SA payload
> > can be anywhere in the packet.
> 
>   I can't think of a reason. Is this a suggestion? You might want to run
> this by the ipsec list as well if it is. Basically I don't see a problem
> mandating that the 1st payload of the 1st message of a phase 1 exchange
> be a SA payload.

Yes, it was intended as a suggestion.  Anyone have any problems with
making the mandate which Dan states above?


ben





Follow-Ups: