[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPSEC WORKING GROUP LAST CALL

To: Daniel Harkins <dharkins@cisco.com>
Subject: Re: IPSEC WORKING GROUP LAST CALL
From: Tero Kivinen <kivinen@ssh.fi>
Date: Thu, 19 Feb 1998 04:50:11 +0200 (EET)
Cc: "Theodore Y. Ts'o" <tytso@MIT.EDU>, ipsec@tis.com
In-Reply-To: <199802190030.QAA00233@dharkins-ss20.cisco.com>
Organization: SSH Communications Security Oy
References: <199802182350.SAA14498@dcl.MIT.EDU><199802190030.QAA00233@dharkins-ss20.cisco.com>
Sender: owner-ipsec@ex.tis.com

Daniel Harkins writes:
> > 	Jul 28  1997	draft-ietf-ipsec-isakmp-08.txt
> So this means that the base ISAKMP draft wasn't rev'd? That means that
> one of the issues from the document reading party wasn't addressed.

How about the certificate request payload? There was some talk about
simplifying it so that it would only contain one type / CA and in case
of multiple types / CA's the negotiation would just have multiple
certitificate request payloads. 

> Also, various vendors have in the past requested a Vendor ID payload
> which would carry some opaque blob. This also hasn't been added.

I think that vendor ID payload is very important because otherwise
there really isn't any use for private attributes in SA etc, because
there is no way to know who's private extensions they unless you use
some out of band configuration data to tell the other end's isakmp
vendor. 
-- 
kivinen@iki.fi		              	     Work : +358-9-4354 3207
Magnus Enckellin kuja 9 K 19, 02610, Espoo   Home : +358-9-502 1573

References:

IPSEC WORKING GROUP LAST CALL

From: "Theodore Y. Ts'o" <tytso@MIT.EDU>

Re: IPSEC WORKING GROUP LAST CALL

From: Daniel Harkins <dharkins@cisco.com>

Prev by Date: Any timeframe for a new draft-ietf-ipsec-isakmp?
Next by Date: Re: IPSEC WORKING GROUP LAST CALL
Prev by thread: Re: IPSEC WORKING GROUP LAST CALL
Next by thread: Re: IPSEC WORKING GROUP LAST CALL
Index(es):
- Main
- Thread