
Re: Comments on CRACK



Moshe Litvin wrote:
> Section 3.2 IKE Challenge/Response Authentication Failures, the notification does
> not include a space for a user readable message (in fact the length of the
> notification is fixed). On the other hand, the only place to give a specific error code,
> the status field, is specifically set as private.
> 
> As an example of a good protocol, look at ftp (or http) which has a numeric error
> code designed for machine consumption, and an additional text to be read by
> humans.

Tero commented somewhat on this, but I'd like to add to it. The original
impetus behind the notifymsg draft was to come up with standardized text
messages with numeric codes in a style similar to that of ftp, smtp,
http, etc. This was suggested by Bob Moskowitz on numerous occasions. My
first impression was that the codes would need to be a bit longer than 3
digits, but I was just beginning to seriously consider the matter.

About that time I spoke with Charlie Kunzinger, who suggested to me that
we badly needed standardized notify message payloads, and this altered
the course of the draft a bit. In Oslo, it was suggested that we should
at least discuss the efficacy of such standardized messages or codes,
either within the context of the notifymsg draft or independently. I had
intended to bring this up in DC next month, so Moshe's comments are
timely.

The current notifymsg draft suggests optional error text in many of the
messages. It is possible that we might want to come up with standard
text and codes, in which case transmission of the codes would suffice in
many cases. I am just beginning to give this some thought. If anyone has
specific suggestions along these lines, please send comments to Tero and
me.

Scott

