[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IKE Minor version
At 16:14 28.6.1999 -0700, you wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Oops. Just noticed that the versioning in RFC 2408 is strangely
>backwards. And to think I thought it was a bug in my code that I
>rejected larger minor versions! Since 1.0 is the "current" version,
>and 1.1 is the "old" version, how do we change the version number to
>indicate minor updates such as those in the new IKE draft while
>retaining compatibility??
>
The old version is 0.1.
Still, it is correct to reject a 1.1 version number. If we
start sending "version 1.1" all old implementations will reject
the connection. If they send INVALID-MINOR-VERSION, we can retry
with 1.0. This is ugly.
Common Vendor ID payloads?
How about sending "RFC4000" if you support a new RFC
or "draft-ietf-ipsec-isakmp-xauth-03" if you support a new draft.
Jörn
References: