[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: IPSec Policy Model draft
Thank you for your kind words.
We hope to extend the document to include how this base IPSec policy
would be used with actual topology objects.
>-----Original Message-----
>From: Ben Rogers [SMTP:ben@Ascend.COM]
>Sent: Monday, February 23, 1998 4:40 PM
>To: Roy Pereira
>Cc: IPSEC Mailing List (E-mail); VPN Mailing List (E-mail)
>Subject: IPSec Policy Model draft
>
>Roy Pereira writes:
>>
>> Internet Engineering Task Force R. Pereira, TimeStep Corp.
>> IP Security Working Group P. Bhattacharya, IBM Corp.
>
>> IsakmpDescriptor ::=
>> SEQUENCE {
>> exchange ENUMERATED {
>> MainMode,
>> AggressiveMode } OPTIONAL,
>> proposal SEQUENCE OF IsakmpProposal
>> }
>>
>> o The main ISAKMP object mainly includes proposals, but also
>> includes which exchange to utilize. AggressiveMode does not
>> hide the identity of the negotiating peers, while MainMode does.
>> Please refer to [Harkins98] for a more complete reference to
>> both of these two exchange modes.
>>
>> The exchange mode MAY not be included in this object since it
>> MAY instead depend on the peers.
>>
>> o The proposals are all taken as logical ORs when presented
>> together.
>
>Thank you both for such a clear and concise document! Even though I
>wasn't entirely familiar with the notation, I quickly found the text
>well organized, unambiguous and simple to understand. It took me less
>than 5 minutes to read and digest the contents of the document. This
>draft should be a model for future draft authors.
>
>
>ben
>