[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
correction on Proxy IPsec
The other night while typing without enough coffee I made
a confusing typo. The corrected text is something like this:
The capability of supporting Proxy IPsec and having
Proxy-IDs (or Client-IDs) in a KM protocol is NOT
unique to ISAKMP/Oakley. It is a feature in a number
of extant manually-keyed IPsec implementations. It
also is a feature in other non-IETF KM protocols in the
past. So I believe that the Proxy-ID attribute should
be retained as an (optional-to-use) part of the IPsec
Security Association defined in the Architecture document.
Without retaining that, we lose an important operational
capability in the IPsec standard.
Apologies for my earlier mistyping.
Ran
rja@inet.org