RE: Internet Drafts -- AH and ESP specs

[Stephen Kent <kent@bbn.com>]

Roy,

	As I mentioned in the messages that I cited, this is not new.  Dan
Harkins suggested the use of a NOTIFY for this purpose almost 6 weeks ago.
I was surprized that it didn't make it into the latest DOI, which I looked
at just this week.  There are other things "missing" from the DOI, which
were discussed in Munich.  For example, the architecture document, going as
far back as its predecessor (authored by Ran last November),  calls for
several forms of SA granularity that are not currenetly supported.  Derrell
and I spoke briefly about this in Munich after the WG meeting and I
expected the new DOI would incorporate new facilities to support these
selectors.  But that too slipped through the cracks.  I'm not blaming
Derrell, I'm just pointing out that there are some loose ends to be tied
down and the matter I have raised is not new.

Steve

>I'm just wondering if we should be adding anything to the protocol this
>late, and perhaps this should go in IPSecond?
>
>I also don't see why we would wish to send a whole ISAKMP Notify message
>just to state that we are using replay.  Why not just place an attribute
>in the transform that states "Yes, I'm using replay".  This attribute
>would merely be informational.  We once had this "Replay attribute", but
>it was used for negotiation.
>
>But again, I'm against adding anything to the protocol at this late
>stage.

---

References:

• RE: Internet Drafts -- AH and ESP specs
• From: Roy Pereira <rpereira@TimeStep.com>

---

• Prev by Date: A little document editing nit....
• Next by Date: isakmp-oakley cookie notation
• Prev by thread: RE: Internet Drafts -- AH and ESP specs
• Next by thread: I-D ACTION:draft-ietf-ipsec-ciph-cbc-00.txt
• Index(es):
  • Main
  • Thread