Re: issues from the bakeoff

[Tero Kivinen <kivinen@ssh.fi>]

Paul Koning writes:
> >>>>> "Dan" == Dan Harkins <dharkins@network-alchemy.com> writes:
>  Dan> - Is it OK to send 3 copies of every single message (which one
>  Dan> implementation was doing)? Yes.
> Similarly, the IKE spec doesn't specifically prohibit sending 3 copies 
> of the message because, I submit, no one thought that anyone would be
> silly enough to do this, so it wasn't necessary to make a specific
> rule "don't do this silly thing".  But I would certainly call this
> implementation broken.

It might also be that the other end used 100 ms retranmission timers,
that was doubled every time, so the first retry was sent 100 ms after
first packet, second retry 200 ms after the second packet, and third
one 400 ms after the second packet etc.

If it took about a second from the other end to process the packet
what he sees is that he is receiving three copies of every packet.

Anyways sending each packet 3 times should matter, because every
implementation MUST be able to interoperate with such system. 
-- 
kivinen@iki.fi                               Work : +358-9-4354 3218
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/

---

Follow-Ups:

• Re: issues from the bakeoff
• From: Paul Koning <pkoning@xedia.com>

References:

• issues from the bakeoff
• From: Dan Harkins <dharkins@network-alchemy.com>
• Re: issues from the bakeoff
• From: Paul Koning <pkoning@xedia.com>

---

• Prev by Date: RE: Dangling phase 2 SAs (was RE: issues from the bakeoff)
• Next by Date: Re: draft-ietf-ipsec-notifymsg-00.txt
• Prev by thread: Re: issues from the bakeoff
• Next by thread: Re: issues from the bakeoff
• Index(es):
  • Main
  • Thread