[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FW: IPSec Monitoring MIB works for IPv4 only?

To: Tim Jenkins <tjenkins@TimeStep.com>
Subject: Re: FW: IPSec Monitoring MIB works for IPv4 only?
From: Daniel Harkins <dharkins@dharkins-ss20.cisco.com>
Date: Thu, 19 Nov 1998 11:28:17 -0800
cc: Tero Kivinen <kivinen@ssh.fi>, ipsec@tis.com
In-reply-to: Your message of "Thu, 19 Nov 1998 13:21:02 EST." <319A1C5F94C8D11192DE00805FBBADDF5957D4@exchange>
Sender: owner-ipsec@ex.tis.com

On Thu, 19 Nov 1998 13:21:02 EST you wrote
> > "ipsecIkeSaEncAlg - Encryption Algorithm" defines DES40-CBC 65001,
> > which is not defined by the DOI (and should not be defined by the DOI,
> > because is it from the private range).
> 
> As I stated in the appendix, they are not part of the MIB. They
> are reproduced for information only.
> 
> The values for DES40 come from a Cisco document, and were used at
> the last interoperability workshop by both Microsoft and TimeStep.

But that document isn't in the WG's batch of I-Ds and no matter who wrote 
it, numbers from that range can't be defined to be any specific algorithm.
65001 might be DES40 for some but it might be the Hasty Pudding Cipher 
for others.

> > Also because the MIB doesn't provide the vendor id information (I
> > think it should!) there is no way to know whose private number space
> > we are using if there are any numbers from the private number space.
> 
> The DES40 values are not private number space; they are in co-operating
> implementations number space.

That *is* the private number space and all values there are intentionally
undefined.

  Dan.

References:

RE: FW: IPSec Monitoring MIB works for IPv4 only?

From: Tim Jenkins <tjenkins@TimeStep.com>

Prev by Date: RE: FW: IPSec Monitoring MIB works for IPv4 only?
Next by Date: RE: FW: IPSec Monitoring MIB works for IPv4 only?
Next by thread: marketing misuse of IPSECond efforts
Index(es):
- Main
- Thread