[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ipsec error codes



Dan McDonald wrote:
> 
> > The important point here is that they are defined with particular
> > semantic goals, which may or may not encompass the requirements of our
> > situation. This brings us to a question: what, exactly, are our
> > requirements?
> 
> Good question.
> 
> At first glance, I don't see what problem is being solved.  What on-the-wire
> entity would issue these codes and messages?
> 

I'm replying again because, after reviewing my initial reply, I don't
think I answered the implied portion of your message regarding the
problem being solved. My understanding is that this would go a long way
toward facilitating multi-vendor security implementation management. ANX
is a good example, in that you (hopefully) have no way to guarantee what
vendor's device you will be speaking to when connecting with a trading
partner. Furthermore, a given installation may utilize several different
vendors' devices for various applications. In this situation, 
standardized event codes would go a long way in terms of diagnostics,
accounting, etc.

Scott


Follow-Ups: References: