[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: issues from the bakeoff

To: ipsec@lists.tislabs.com
Subject: Re: issues from the bakeoff
From: Joern Sierwald <joern.sierwald@datafellows.com>
Date: Wed, 16 Jun 1999 11:02:16 +0300
In-Reply-To: <4.0.2.19990615150140.00fa0910@honeybee.cisco.com>
References: <199906151954.MAA21779@potassium.network-alchemy.com>
Sender: owner-ipsec@lists.tislabs.com

At 19:18 15.6.1999 -0700, Avram Shacham wrote:
>At 12:54 PM 6/15/99 -0700, Dan Harkins wrote:
>>	- A CPI is two bytes. Is it OK to send a 4 byte one and have the upper
two bytes
>>	  be zero?
>
>RFC2393 sets the CPI field in the header to be 2 octets, so the question 
>seems to be related to the negotiation of  CPI via the Internet Key 
>Exchange.  Could implementations support both ways, i.e. negotiate
>using just 2-byte field or using the LS 2-bytes of a 4-byte field?
>
Yes. Since CPI values are two bytes long, we should send two byte SPI values.
For compatablities sake, we should accept four byte SPI values too, the CPI
is in the LS two bytes.

>>	- A PCP RFC seems to say that tunnel mode processing is not possible. Is
this true?
>
>No. 
Just to remind everybody, the proper way to compress in tunnel mode is:
IP ESP IPCOMP IP PAYLOAD

We did IP ESP IP IPCOMP PAYLOAD, and it was not well received.

Jörn Sierwald

References:

issues from the bakeoff

From: Dan Harkins <dharkins@network-alchemy.com>

Re: issues from the bakeoff

From: Avram Shacham <shacham@cisco.com>

Prev by Date: RE: RFC2409 (Chess Tournament)
Next by Date: RE: RFC2409 (Chess Tournament)
Prev by thread: Re: issues from the bakeoff
Next by thread: Re: issues from the bakeoff
Index(es):
- Main
- Thread