[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IKE negotiation/rekeying problem with RSIP
IMO, this should be clearly explained in the next IKE draft. And if there's
a reason to go with one approach over the other, that should be documented
as well. Preferably, the draft should recommend one.
-Mike
Tero Kivinen <kivinen@ssh.fi> on 11/16/99 04:23:45 PM
Sent by: Tero Kivinen <kivinen@ssh.fi>
To: gab@sun.com
cc: "Michael C. Richardson" <mcr@sandelman.ottawa.on.ca>,
ipsec@lists.tislabs.com, "Ylian" <ylian.saint-hilaire@intel.com> (Mike
Borella/MW/US/3Com)
Subject: Re: IKE negotiation/rekeying problem with RSIP
Gabriel Montenegro writes:
> the presentation i gave at the ipsec wg to ask for this (the DOI
> document is very explicit about not allowing these port numbers
> to vary, at least for purposes of including themin the hash):
No, the DOI document is very clear that there is only two possible
port numbers for ID payload, any (== zero), or 500. If you use port
ANY (== zero), then you may also use any port you want.
--
kivinen@iki.fi Work : +358-9-4354 3218
SSH Communications Security http://www.ssh.fi/
SSH IPSEC Toolkit http://www.ssh.fi/ipsec/