[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: XAUTH?

To: "'Ioannis Bonias'" <ibonias@raptor.com>
Subject: RE: XAUTH?
From: Greg Carter <greg.carter@entrust.com>
Date: Wed, 21 Jul 1999 13:23:10 -0400
Cc: "'Stephane Beaulieu'" <sbeaulieu@TimeStep.com>, Andrew Krywaniuk <akrywaniuk@TimeStep.com>, "'ipsec@lists.tislabs.com'" <ipsec@lists.tislabs.com>
Sender: owner-ipsec@lists.tislabs.com

-----Original Message-----
From: Ioannis Bonias [mailto:ibonias@raptor.com]
Sent: Friday, July 16, 1999 4:09 PM
To: Greg Carter
Cc: 'Stephane Beaulieu'; Andrew Krywaniuk; 'ipsec@lists.tislabs.com'
Subject: Re: XAUTH?

	Greg,

	1. Why do you want to distinguish a config mode exchange and
	    XAUTH ?

I don't, that is the problem. I want a clear way to know that the exchange
has ended and I can clear state.  Right now I have to check and see if the
XAUTH attribute is set, if it is then allow the exchange to continue.  

If Config mode is to be used in this way then config mode should provide a
simple way to manage state.  With XAUTH there are now two places to check
for state (type field and XAUTH attribute), and nothing has been said about
what to do when multiple attribute payloads are included in an XAUTH
exchange, is it even allowed?, does it make sense?, what if their multiple
state indicators contradict those in the another attribute payload? can the
exchange be more than 4 sequences?

Bye.

Prev by Date: Re: Comment on xauth and hybrid
Next by Date: Re: Comment on xauth and hybrid
Prev by thread: Re: XAUTH?
Next by thread: IPSec on NT?
Index(es):
- Main
- Thread