[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

mailing list for IPsec errors task force

To: ipsec@tis.com
Subject: mailing list for IPsec errors task force
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
Date: Thu, 27 Aug 1998 18:22:35 -0400
cc: ipsec-errors@sandelman.ottawa.on.ca
Sender: owner-ipsec@ex.tis.com


  To subscribe, send email to majordomo@sandelman.ottawa.on.ca with
the body:
	subscribe ipsec-errors
or:
	subscribe ipsec-errors someaddress@some.where.nice

SubCharter: Work to be finished by the end of September.

[Last updated on: Thu Aug 27 18:38:52 1998]
  This is the mailing list for three task forces of the IPsec(ond) WG.

1. The IPsec ICMP task force is a sub-group of the IPsec(ond) WG. 
It is mandated to document uses of ICMP messages for error,
diagnostics and normal operational use.

  The document will classify ICMP messages into messages which have a
security impact to IPsec SAs and MUST be ignored. Messages which
have no security impact, but no utility either and CAN be ignored.
Messages which are necessary for normal operation, error reporting and
for diagnostics and which must be processed. 

  The method of processing will be described.

2. The IPsec SNMP task force is a sub-group of the IPsec(ond) WG. 
It is mandated to define an IPSec SNMP MIB.

  Its first product is to define IPSec SNMP MIBs for the use of system
administrators. As such, the MIBs will include information about phase 1 and
phase 2 SAs on a system. The information provided about each SA will include
static information such as endpoints IDs, transform and expirations. It will
also include dynamic information related to traffic and error counts, such
as HMAC failures.

  Some traps will also be defined.

  The storage and secure transmission of IPSec MIBs is beyond the
scope of this sub-group. The inclusion of diagnostic information such
as keying material is beyond the scope of this MIB. However, future
MIBs may include this information.

3. The IPsec IKE protocol error task force is a sub group of the
IPsec(ond) WG.  It is mandated to
	a) document the errors messages, reporting practices and error
	conditions in current IKE implementations which are caused by
	error conditions in the IKE protocol, 
	b) reduce the list of error conditions to a common set,
	classify them and assign numeric codes, common text, response
	and explanation, and
	c) define a common format for the notification data where the
	response to an error condition is a NOTIFY message. 

====

This mailing list restricts who may post to it. To post to the mailing
list you must be a reader of it, or you must be subscribed to the
special "ipsec-errors-nomail" list. This is done as a measure to
reduce spam.

The mailing list is archived at http://www.sandelman.ottawa.on.ca/ipsec-errors/
The general IPsec mailing list is at ipsec@tis.com (email to
majordomo@tis.com), with archives at:
	ftp://ftp.tis.com/pub/lists/ipsec
and searchable archives at:
	http://www.sandelman.ottawa.on.ca/ipsec/

Prev by Date: Re: question about IKE Quick Mode
Next by Date: IDs clarification
Prev by thread: Re: question about IKE Quick Mode
Next by thread: IDs clarification
Index(es):
- Main
- Thread