[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ipsec error codes
Dan McDonald wrote:
>
> > The important point here is that they are defined with particular
> > semantic goals, which may or may not encompass the requirements of our
> > situation. This brings us to a question: what, exactly, are our
> > requirements?
>
> Good question.
>
> At first glance, I don't see what problem is being solved. What on-the-wire
> entity would issue these codes and messages?
>
I'm replying again because, after reviewing my initial reply, I don't
think I answered the implied portion of your message regarding the
problem being solved. My understanding is that this would go a long way
toward facilitating multi-vendor security implementation management. ANX
is a good example, in that you (hopefully) have no way to guarantee what
vendor's device you will be speaking to when connecting with a trading
partner. Furthermore, a given installation may utilize several different
vendors' devices for various applications. In this situation,
standardized event codes would go a long way in terms of diagnostics,
accounting, etc.
Scott
Follow-Ups:
References: