[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

isakmp attrubute ordering question

To: ipsec@tis.com
Subject: isakmp attrubute ordering question
From: Jeff Pickering <jpickering@phase2net.com>
Date: Thu, 30 Apr 1998 08:54:14 -0700
Organization: phase2 networks
Reply-To: jpickering@phase2net.com
Sender: owner-ipsec@ex.tis.com

I have some questions about parsing and constructing SA payloads
that I was hoping somebody could answer:

1) The ISAKMP draft (sec 4.2) says "The responder SHOULD retain the
Proposal # field in the proposal payload and the Transform # field
in each Transform payload of the selected proposal". 

The intent appears to be making it easy for the initiator to determine
what proposal the responder chose. But since the requirement is SHOULD,
the intiator cant count on the # fields and therefore needs to
use other mechanisms, ie compare each attribute, right? 

2) The IKE draft (sec 5) states "Responders MUST NOT modify
attributes...". Does this mean responders must also maintain
attribute order within a transform?

3) The IKE draft (sec 5 next sentence) states "If the initiator of 
an exchange notices that attribute values have changed..." The term
"notices" seems to be passive and not require that the initiator
actually check for changes. Should this sentence be interpreted
as MUST,SHOULD or MAY check?

Thanks in advance to anyone who comments.

regards,
jeff

Prev by Date: Re: [Karen Seo: Thomas Narten -- clarification, etc.]
Next by Date: Re: IPSEC standardization status
Prev by thread: Which SPD we have to use ?
Next by thread: Re: (IPng 5744) Re: [Karen Seo: Thomas Narten -- clarification, etc.]
Index(es):
- Main
- Thread