[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Ordering of payloads

To: John Burke <jburke@cylink.com>
Subject: RE: Ordering of payloads
From: Ben Rogers <ben@Ascend.COM>
Date: Fri, 12 Sep 1997 15:46:13 -0400 (EDT)
Cc: ipsec@tis.com
In-Reply-To: <3.0.32.19970912114639.00905470@192.43.161.2>
References: <3.0.32.19970912114639.00905470@192.43.161.2>
Reply-To: ben@Ascend.COM (Ben Rogers)
Sender: owner-ipsec@ex.tis.com

John Burke writes:

> The point here is, do we agree at this time that we should require everyone
> to do the handling I describe?  I.E. find the SA first and do it before
> passing over the other loads?  We actually did not implement this way (nor
> as I remember did the reference implementation for ISAKMP v-06).  But where
> do others stand, A. for the upcoming interoperation tests and B. later for
> the final ISAKMP draft?

'twould be nice to have all the code space in the world to work in...

Some of us are extremely restricted as to how much code space we are
allowed to use.  (If I remember the numbers right, on some of our boxes,
the entire router load needs to fit into less space than Entrust's
ISAKMP implementation takes.)  So, anything that helps us to reduce the
amount of completely unnecessary processing would be really helpful.

I'm trying to get my brain around the reason it is helpful to allow
payloads to be in any order, but I am fairly certain we don't lose any
functionality by requiring that the SA payload in phase I exchanges be
before any other payloads whose interpretation depend on our SA
negotiation.

I'm wondering if the WG hasn't been overcome by a bad case of creeping
featuritis... :)

ben

References:

RE: Ordering of payloads

From: John Burke <jburke@cylink.com>

Prev by Date: Weak DES keys
Next by Date: Re: Slicing and dicing
Prev by thread: RE: Ordering of payloads
Next by thread: RE: Ordering of payloads
Index(es):
- Main
- Thread