[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Ordering of payloads
Ben / John / Dan,
> John Burke writes:
>
> > The point here is, do we agree at this time that we should require everyone
> > to do the handling I describe? I.E. find the SA first and do it before
> > passing over the other loads? We actually did not implement this way (nor
> > as I remember did the reference implementation for ISAKMP v-06). But where
> > do others stand, A. for the upcoming interoperation tests and B. later for
> > the final ISAKMP draft?
>
> 'twould be nice to have all the code space in the world to work in...
>
> Some of us are extremely restricted as to how much code space we are
> allowed to use. (If I remember the numbers right, on some of our boxes,
> the entire router load needs to fit into less space than Entrust's
> ISAKMP implementation takes.) So, anything that helps us to reduce the
> amount of completely unnecessary processing would be really helpful.
>
> I'm trying to get my brain around the reason it is helpful to allow
> payloads to be in any order, but I am fairly certain we don't lose any
> functionality by requiring that the SA payload in phase I exchanges be
> before any other payloads whose interpretation depend on our SA
> negotiation.
>
> I'm wondering if the WG hasn't been overcome by a bad case of creeping
> featuritis... :)
I've been following this discussion for the past week and want to come
to some resolution on this point. I'm trying to get a new version of
the draft out by the end of this week.
I agree that this may be a case of featuritis, but if it makes for more
interoperable implementations, then maybe it's worth it.
Is there concensus about this issue? Should I modify the ISAKMP draft
to specify that the SA payload MUST be the first payload of the first
message of a Phase 1 exchange? or do we want to just let people
implement it how they want?
Thoughts, anyone??
Thanks,
Doug Maughan