Re: phase 2 and ports



Jan is right.  We used to have port ranges and similar features for 
SPD configuration in the I-D precursor to RFC 2401, but they were 
deleted because IKE didn't support them and nobody wanted to change 
the IKE spec.

Note that we have a WG on IP security policy and it is exploring
ways to offer real negotiation for IPsec peers, prior to IKE 
exchanges.  That way one need not add complexity to IKE but one can 
offer more sophisticated negotiation capabilities.

Steve

