
Re: Phase 1 Re-keying Implementation Identification



   Date: Fri, 19 Nov 1999 10:44:12 -0500
   From: Paul Koning <pkoning@xedia.com>

   Vendor ID is for enabling private extensions.  It is NOT for enabling
   optional features in the standard.  I don't think Tero is saying
   otherwise, though if the wording is being misinterpreted that way it
   should be clarified so it's obvious that it must not be interpreted
   that way.

What a number of folks have complained about is that the IKE framework
doesn't have a particularly good way of turning on optional features,
since as we add new orthogonal features, it causes a combinatoric
explosion in the number of IKE proposals that need to be offered.  Some people
have pointed out that the Vendor ID can be (ab)used to allow for a more
streamlined way of negotiating optional parts of the specification,
especially as we move forward and want to add new (optional) extensions
to IKE.

Granted it violates the original intention of the Vendor ID payload.
Granted it is an ugly kludge.  But the folks who are advocating it are
saying that it might be cleaner and more pragmatic than some of the
alternatives.  I think it's fair to consider this point, and not reject
it out of hand --- although I do have a lot of sympathy for the purist
point of view that this is an ugly hack.

						- Ted

