[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: IBM VPN Bakeoff Issues

To: tjenkins@TimeStep.com
Subject: RE: IBM VPN Bakeoff Issues
From: Markku Savela <msa@anise.tte.vtt.fi>
Date: Thu, 5 Nov 1998 16:43:16 +0200 (EET)
CC: ipsec@tis.com
In-reply-to: <319A1C5F94C8D11192DE00805FBBADDF4F7E80@exchange> (message from Tim Jenkins on Thu, 5 Nov 1998 08:48:51 -0500)
Reply-to: msa@hemuli.tte.vtt.fi (Markku Savela)
Sender: owner-ipsec@ex.tis.com


> We also had implementations that jumbled the order when they accepted.
> They're logic is that it doesn't matter, since order is dictated anyway.

To me this logic appears right, as per IPSEC architecture.

I guess the point culminates on something I don't know (I am not
familiar with IKE/ISAMKP details), the question:

  Why does IKE/ISKAMP need to know the ordering of negotiated SAs?

> I don't understand where you're coming from here. Where is the policy
> modification occurring? All we're trying to do is nail down the usage of
> proposals with the same proposal number that appear in an SA payload.

I'm not quite sure... my thoughts went somehow.. why do you need to
care about the ordering if it is already fixed by policy? And it
seemed indicate that the ordering was something that ISAKMP/IKE could
decide on (which is false).

-- 
Markku Savela (msa@hemuli.tte.vtt.fi), Technical Research Centre of Finland
Multimedia Systems, P.O.Box 1203,FIN-02044 VTT,http://www.vtt.fi/tte/staff/msa/

ps. Do you really want to include this HTML version of the text in
    each of your messages, perhaps tick the "send text only" on?

	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
	<HTML>
	<HEAD>

References:

RE: IBM VPN Bakeoff Issues

From: Tim Jenkins <tjenkins@TimeStep.com>

Prev by Date: RE: IBM VPN Bakeoff Issues
Next by Date: RE: IBM VPN Bakeoff Issues
Prev by thread: RE: IBM VPN Bakeoff Issues
Next by thread: RE: IBM VPN Bakeoff Issues
Index(es):
- Main
- Thread