[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Phase 1 Re-keying Implementation Identification
At 06:28 PM 11/18/99 -0500, Andrew Krywaniuk wrote:
>As for the more general question of whether it is appropriate to use vendor
>ids to advertise a feature, this appears to be the only method available in
>IKE at the moment.
Then you should change IKE (or ISAKMP).
The first sentence of section 3.16 in ISAKMP says "The Vendor ID Payload
contains a vendor defined constant." You are not proposing a vendor-defined
constant, you're proposing an announcement of feature that may be
standards-track. These are completely different.
If you want continuous channel support to be TimeStep-only, it is
appropriate to use the Vendor ID payload. Otherwise, some other mechanism
for both sides to be sure that the other side is using it must be developed.
--Paul Hoffman, Director
--VPN Consortium
Follow-Ups:
References: