[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IBM VPN Bakeoff Issues
>>>>> "Stephen" == Stephen Kent <kent@bbn.com> writes:
Stephen> I'm not talking about modifying the spec. I'm reminding people
Stephen> of why we restricted the number of MUST support cases, and
Stephen> observing that when one ventures outside of this realm,
Stephen> interoperability is likely to suffer greatly. In an effort to
Stephen> get these documents out the door, we were implored by a set of
Stephen> implementaors to simplify previous versions of the architecture
Stephen> document which had called for supporting iterated nesting of
Stephen> SAs.
This is all well and good, and is fine.
Some people want to go beyond the MUSTs (and/or have customers who want
them to), and this is good. The architecture is explicitely extendible.
The problem is that some people, having read the MUSTs, assume that this
is all that is possible, and therefore want to interpret two unequal
proposals for non-MUSTs processing as being the same as something that is a
MUST.
:!mcr!: | Network and security consulting/contract programming
Michael Richardson | Firewalls, TCP/IP and Unix administration
Personal: http://www.sandelman.ottawa.on.ca/People/Michael_Richardson/Bio.html
Corporate: http://www.sandelman.ottawa.on.ca/SSW/
ON HUMILITY: To err is human, to moo bovine.
Follow-Ups:
References: