
Comments on draft-ietf-ipsec-ike-01.txt (long)



> 3) Acknowledged Information Exchange
> 
> I'm glad to see this was added. The use of an acknowledged delete mechanism
> will go a long way to improve SA management.
> 
> How does an implementation know when a peer supports this exchange? It seems
> to me that instead of giving it its own exchange number, all that's been
> done is the addition of a Nonce payload to the existing informational
> exchange.

It has its own exchange number:
----------------------------------------------------------------------
   Additional Exchanges Defined-- XCHG values

      Quick Mode                         32
      New Group Mode                     33
      Acknowledged Informational         34
----------------------------------------------------------------------

So if the other end returns invalid exchange type, then it doesn't support
it...
-- 
kivinen@iki.fi                               Work : +358-9-4354 3218
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/
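
The capability check described in the reply above, as an added example that is not part of the original message or of the draft. The header and Notification payload layouts and the INVALID-EXCHANGE-TYPE value (7) are taken from RFC 2408; the function names, the cookies and the unprotected notify are assumptions made for illustration.

```python
import struct

# ISAKMP header (RFC 2408): cookies, next payload, version, exchange type,
# flags, message ID, total length.
HDR = struct.Struct("!8s8sBBBBII")
# Notification payload: generic header, DOI, protocol ID, SPI size, type.
NOTIFY = struct.Struct("!BBHIBBH")

XCHG_INFORMATIONAL = 5         # RFC 2408
XCHG_ACK_INFORMATIONAL = 34    # value quoted from the draft in the message above
PAYLOAD_NOTIFY = 11            # RFC 2408
INVALID_EXCHANGE_TYPE = 7      # RFC 2408 notify message type
IPSEC_DOI = 1

def build(icookie, rcookie, next_payload, xchg, msg_id, body=b""):
    """Serialize an ISAKMP message with a correct length field."""
    return HDR.pack(icookie, rcookie, next_payload, 0x10, xchg, 0,
                    msg_id, HDR.size + len(body)) + body

def legacy_responder(packet, supported=frozenset({2, 4, 5, 32, 33})):
    """Hypothetical peer that predates exchange 34; returns a reply or None."""
    if len(packet) < HDR.size:
        return None
    icookie, rcookie, _, _, xchg, _, msg_id, length = HDR.unpack_from(packet)
    if length != len(packet):
        return None  # malformed length field
    if xchg in supported:
        return None  # normal processing is out of scope for this example
    notify = NOTIFY.pack(0, 0, NOTIFY.size, IPSEC_DOI, 1, 0, INVALID_EXCHANGE_TYPE)
    return build(icookie, rcookie, PAYLOAD_NOTIFY, XCHG_INFORMATIONAL, msg_id, notify)

def peer_rejects_exchange(reply):
    """True if reply is an Informational carrying INVALID-EXCHANGE-TYPE."""
    if reply is None or len(reply) < HDR.size + NOTIFY.size:
        return False
    _, _, next_payload, _, xchg, _, _, length = HDR.unpack_from(reply)
    if length != len(reply) or xchg != XCHG_INFORMATIONAL or next_payload != PAYLOAD_NOTIFY:
        return False
    _, _, plen, _, _, spi_size, ntype = NOTIFY.unpack_from(reply, HDR.size)
    return plen >= NOTIFY.size + spi_size and ntype == INVALID_EXCHANGE_TYPE

# Constructed probe: an Acknowledged Informational header with an empty body.
PROBE = build(b"I" * 8, b"R" * 8, 0, XCHG_ACK_INFORMATIONAL, 0x1234)
```

A notify received outside a protected exchange is unauthenticated, so the result is a hint for falling back to the plain Informational exchange, not proof of what the peer supports.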

