
No Subject



>From mcr@sandelman.ottawa.on.ca  Tue Nov 24 16:22:55 1998
Received: from po1.bbn.com (PO1.BBN.COM [192.1.50.38])
	by lox.sandelman.ottawa.on.ca (8.8.7/8.8.8) with ESMTP id QAA05419
	for <ipsec-errors@sandelman.ottawa.on.ca>; Tue, 24 Nov 1998 16:22:53 -0500 (EST)
Received: from [128.33.238.111] (TC111.BBN.COM [128.33.238.111])
	by po1.bbn.com (8.8.6/8.8.6) with ESMTP id QAA06528;
	Tue, 24 Nov 1998 16:22:35 -0500 (EST)
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Sender: kent@po1.bbn.com (Unverified)
Message-Id: <v04011702b280a757305c@[128.33.238.37]>
In-Reply-To: <199811161641.LAA23421@venus.solidum.com>
Date: Tue, 24 Nov 1998 13:14:10 -0500
To: ipsec-errors@sandelman.ottawa.on.ca
From: Stephen Kent <kent@bbn.com>
Subject: Re: Selector fields for ICMP in Arch doc
Cc: ipsec@tis.com, ipsec-errors@sandelman.ottawa.on.ca
Resent-To: ipsec@tis.com
Resent-Date: Tue, 24 Nov 1998 18:24:45 -0500
Resent-From: "Michael C. Richardson" <mcr@istari.sandelman.ottawa.on.ca>

Michael,

>  One point that I think ICMP group is unanimous is that the SPD/SAD support
>for ICMP. We feel that it should be extended to include ICMP type and code
>fields as selectors.
>
>  Matt Crawford has suggested that since the architecture document provides
>a minimum set, the IPv6 people can impose additional requirements if they
>need.
>  The question is do we want to make these an item for the IPv4 Standard's
>Arch document? I suggest that the text read like:
>	"An implementation MAY support ICMP as a selector for the SAD. If an
>	implementation does support ICMP, then it MUST support both ICMP
>	type and code as selectors"
>
>  Stephen? What say you?

I agree that we should extend the architecture doc to include selectors for
ICMP processing, as part of a more comprehensive ICMP processing
description, under IPsec.

>  This has ramifications for IKE as well: however, if you consider type/code
>to be a 16 bit item, you might pretend that it is the "port" field. I suggest
>that type be made the MSB and code the LSB.
>
>  [do we have RFCs yet???? Do we even have numbers?]

Yes, the numbers are 2401-2412.  Jon assigned them prior to his death, to
allow us to cite them appropriately in a National Research Council report
that Bellovin and I worked on.

Steve
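
[Added example, not part of the original message or of any IPsec implementation.] The quoted suggestion of treating ICMP type/code as a 16-bit "port" with type in the MSB and code in the LSB, sketched as a selector lookup; it shows that this byte order makes "every code of one type" a single contiguous port range. `SpdEntry`, `any_code`, `packet_selector`, `lookup`, `ipv4` and the policy in `SPD` are hypothetical names and constructed values.

```python
import struct
from dataclasses import dataclass

ICMP = 1  # IPv4 protocol number

def icmp_selector(icmp_type: int, code: int) -> int:
    """Pack type (MSB) and code (LSB) into one 16-bit 'port' value."""
    if not (0 <= icmp_type <= 0xFF and 0 <= code <= 0xFF):
        raise ValueError("ICMP type and code are 8-bit fields")
    return (icmp_type << 8) | code

@dataclass(frozen=True)
class SpdEntry:  # hypothetical, simplified policy entry
    proto: int
    lo: int      # inclusive 16-bit range, as for a port selector
    hi: int
    action: str

def any_code(icmp_type: int, action: str) -> SpdEntry:
    """With type in the MSB, all 256 codes of a type are one contiguous range."""
    return SpdEntry(ICMP, icmp_selector(icmp_type, 0), icmp_selector(icmp_type, 0xFF), action)

def packet_selector(pkt: bytes):
    """Return (proto, 16-bit selector); selector is None when unavailable."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl, proto = (pkt[0] & 0x0F) * 4, pkt[9]
    frag_offset = struct.unpack_from("!H", pkt, 6)[0] & 0x1FFF
    if ihl < 20 or frag_offset or len(pkt) < ihl + 4:
        return proto, None  # bad IHL, non-first fragment or truncated: no header to read
    if proto == ICMP:
        return proto, icmp_selector(pkt[ihl], pkt[ihl + 1])
    return proto, struct.unpack_from("!H", pkt, ihl + 2)[0]  # TCP/UDP destination port

def lookup(spd, pkt: bytes) -> str:
    """First matching entry wins; anything unmatched is discarded."""
    proto, sel = packet_selector(pkt)
    for e in spd:
        if sel is not None and e.proto == proto and e.lo <= sel <= e.hi:
            return e.action
    return "DISCARD"

def ipv4(proto: int, payload: bytes, frag_offset: int = 0) -> bytes:
    """Constructed test packet: 20-byte header, checksum left as zero."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, frag_offset,
                       64, proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + payload

# Constructed policy: exact type 3 / code 4, then every code of type 8.
SPD = [SpdEntry(ICMP, icmp_selector(3, 4), icmp_selector(3, 4), "BYPASS"),
       any_code(8, "PROTECT")]
```

A non-first fragment carries no ICMP header, so the sketch returns no selector for it and the packet falls through to the default action.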