[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ICMP type field as SPD selector?

To: ipsec@tis.com
Subject: ICMP type field as SPD selector?
From: "Matt Crawford" <crawdad@fnal.gov>
Date: Tue, 01 Sep 1998 15:19:16 -0500
Cc: Thomas Narten <narten@hygro.raleigh.ibm.com>, Steve Deering <deering@cisco.com>, Bob Hinden <hinden@iprg.nokia.com>
Sender: owner-ipsec@ex.tis.com

I am trying to prepare a sufficient specification of how IPv6 "Router
Renumbering" should (excuse me, MUST) be protected by IPsec.  Router
renumbering is done through ICMPv6 packets with Type=138.  The Type
field is not one of those listed in section 4.4.2 of the
ipsec-arch-sec-07 as a REQUIRED or OPTIONAL selector parameter, and
yet I'm sure one would not want to treat all ICMP types equally, in
general.

I would suggest that the Type field be mentioned as a selector
parameter, but it seems a little late for that.  Perhaps my document
could dictate that implemetations must support such a selector, but
that seems a bit far afield.  I solicit other suggestions.
______________________________________________________________________________
Matt Crawford                    crawdad@fnal.gov                     Fermilab
"A5.1.5.2.7.1. Remove all classified and CCI boards from the COMSEC equipment,
thoroughly smash them with a hammer or an ax, and scatter the pieces."

Next by Date: Re: Deletion of SA
Next by thread: Re: Deletion of SA
Index(es):
- Main
- Thread