[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPsec DOI v7 - comment

To: "Elfed T. Weaver" <weaver@hydra.dra.hmg.gb>
Subject: IPsec DOI v7 - comment
From: Ben Rogers <ben@Ascend.COM>
Date: Sat, 7 Mar 1998 21:10:57 -0500 (EST)
Cc: ipsec@tis.com, ddp@network-alchemy.com
In-Reply-To: <199803051226.HAA07188@relay.rv.tis.com>
References: <199803051226.HAA07188@relay.rv.tis.com>
Reply-To: ben@Ascend.COM (Ben Rogers)
Sender: owner-ipsec@ex.tis.com

Elfed T. Weaver writes:

> Protocol ID              Value
> RESERVED                0
> PROTO-ISAKMP        1
> PROTO-IPSEC-AH      2
> PROTO-IPSEC-ESP     3
> PROTO-IPCOMP         4
> 
> Q. When is it possible to negotiate a PROTO-ISAKMP SA AND 
> PROTO-IPSEC-* SA "at the same time" 
> 
> 
> Is it not the case that :
> PROTO-ISAKMP is negotiated in phase 1 ONLY and
> PROTO-IPSEC-*  negotiated in phase 2 ONLY

Or alternatively that the IKE draft provides (in addition to a generic
Key Exchange method) a phase 1 DOI?  It would be nice if we could
(perhaps for IPsecond) sit down and clean up these drafts, splitting the
IKE draft into logically unrelated IKE and Oakley-DOI documents.

ben

References:

IPsec DOI v7 - comment

From: "Elfed T. Weaver" <weaver@hydra.dra.hmg.gb>

Prev by Date: Re: IPSEC tunnels and Mobile IP
Next by Date: [IPsec] ANSI X9.62 Groups
Prev by thread: IPsec DOI v7 - comment
Next by thread: Re: IPsec DOI v7 - comment
Index(es):
- Main
- Thread