[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IKE Minor version

To: Will Price <wprice@cyphers.net>
Subject: IKE Minor version
From: Tero Kivinen <kivinen@ssh.fi>
Date: Tue, 29 Jun 1999 18:15:23 +0300 (EET DST)
Cc: ipsec@lists.tislabs.com
In-Reply-To: <377800A6.9E7E0195@cyphers.net>
Organization: SSH Communications Security Oy
References: <377800A6.9E7E0195@cyphers.net>
Sender: owner-ipsec@lists.tislabs.com

Will Price writes:
> I didn't see anything in the new IKE draft about bumping the minor
> version number.  Since some methods have changed such as how one goes
> about deleting SAs (the new Acknowledged Exchange), it seems that it
> would be appropriate to change the IKE version described in the new
> draft to 1.1 rather than 1.0.  This should allow existing IKE clients
> to continue to function with new clients while allowing new clients
> to use the new features.

There is no reason to bump up the version number of the ISAKMP because
of those changes. The new acknowledged notification exchange is using
new exchange type, so old implementations will just send back invalid
exchange type notification, and new version can detect the lack of
support for that from there.

See my "IKE Extensions Methods" (draft-ietf-ipsec-ike-ext-meth-01.txt)
draft for more information when and how we should bump up the version
number. 
-- 
kivinen@iki.fi                               Work : +358-9-4354 3218
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/

References:

IKE Minor version

From: Will Price <wprice@cyphers.net>

Prev by Date: Re: Comments on draft-ietf-ipsec-ike-01.txt
Next by Date: Re: IKECFG and DHCP (was Getting the Feature Chart going)
Prev by thread: Re: IKE Minor version
Next by thread: ADV. NO MORE HANG-UPS!
Index(es):
- Main
- Thread