
RE: problems with draft-jenkins-ipsec-rekeying-06.txt



Hugh:

>    As noted the message ID in the ISAKMP header-- and used in the prf
>    computation-- is unique to this exchange and MUST NOT be the same as
>    the message ID of another phase 2 exchange which generated this
>    informational exchange.
>
> This does not qualify "unique" in any way.  It does clearly use the
> admonition "MUST NOT".

As I mentioned several weeks ago, your statement here is misleading. The
"MUST NOT" clause only applies to the statement that the informational
exchange shouldn't use the same message id AS THE QM WHICH (PRESUMABLY)
CAUSED IT TO BE GENERATED.


As for your clear misinterpretation of the word "unique", let's go straight
to the source. Take a look at the passage I have blocked off and you will
see how the words "unique to" are commonly interpreted.

According to Webster:

Main Entry: unique
Pronunciation: yu-'nEk
Function: adjective
Etymology: French, from Latin unicus, from unus one -- more at ONE
Date: 1602
1 : being the only one : SOLE <his unique concern was his own comfort> <I
can't walk away with a unique copy. Suppose I lost it? -- Kingsley Amis>
<the unique factorization of a number into prime factors>
2 a : being without a like or equal : UNEQUALED <could stare at the flames,
each one new, violent, unique -- Robert Coover>

_______________________________________________________

b : distinctively characteristic : PECULIAR 1 <this is not a condition
unique to California -- Ronald Reagan>
_______________________________________________________

3 : UNUSUAL <a very unique ball-point pen> <we were fairly unique, the sixty
of us, in that there wasn't one good mixer in the bunch -- J. D. Salinger>
synonym see STRANGE
- unique·ly adverb
- unique·ness noun
usage Many commentators have objected to the comparison or modification (as
by somewhat or very) of unique; the statement that a thing is either unique
or it is not has often been repeated by them. Objections are based chiefly
on the assumption that unique has but a single absolute sense, an assumption
contradicted by information readily available in a dictionary. Unique dates
back to the 17th century but was little used until the end of the 18th when,
according to the Oxford English Dictionary, it was reacquired from French.
H. J. Todd entered it as a foreign word in his edition (1818) of Johnson's
Dictionary, characterizing it as "affected and useless." Around the middle
of the 19th century it ceased to be considered foreign and came into
considerable popular use. With popular use came a broadening of application
beyond the original two meanings (here numbered 1 and 2a). In modern use
both comparison and modification are widespread and standard but are
confined to the extended senses 2b and 3. When sense 1 or sense 2a is
intended, unique is used without qualifying modifiers.


Andrew
--------------------------------------
Beauty without truth is insubstantial.
Truth without beauty is unbearable.


> -----Original Message-----
> From: owner-ipsec@lists.tislabs.com
> [mailto:owner-ipsec@lists.tislabs.com]On Behalf Of D. Hugh Redelmeier
> Sent: Thursday, July 13, 2000 12:39 PM
> To: Tim Jenkins
> Cc: IPsec List; Hugh Daniel; John Gilmore; Henry Spencer
> Subject: RE: problems with draft-jenkins-ipsec-rekeying-06.txt
>
>
> | From: Tim Jenkins <TJenkins@Catena.com>
>
> In this message, I'll deal only with one key point Tim makes:
>
> | Your justification is that message IDs are required by the RFCs
> | to be unique.
> |
> | I am unable to find such a requirement. RFC 2408 section 3.1 only
> | says "This value is randomly generated by the initiator of the
> | Phase 2 negotiation." In practise, this may mean that it is unique,
> | but it's not a requirement.
>
> On 2000 June 20, I sent a message to the list with the subject
> "uniqueness of Message IDs and related issues".  It dealt with this topic
> in detail.  I'll cut and paste a few bits of it here.  For more
> complete coverage, have a look at the original message.
>
> RFC2408 "ISAKMP" 3.1 "ISAKMP Header Format" (near end) states that
> the Message ID must be unique:
>
>     o  Message ID (4 octets) - Unique Message Identifier used to
>        identify protocol state during Phase 2 negotiations.  This value
>        is randomly generated by the initiator of the Phase 2
>        negotiation.  In the event of simultaneous SA establishments
>        (i.e.  collisions), the value of this field will likely be
>        different because they are independently generated and, thus, two
>        security associations will progress toward establishment.
>        However, it is unlikely there will be absolute simultaneous
>        establishments.  During Phase 1 negotiations, the value MUST be
>        set to 0.
>
>
> ... from RFC2409 "IKE", section 5.5
> "Phase 2 - Quick Mode":
>
>    The message ID in the ISAKMP header identifies a Quick Mode in
>    progress for a particular ISAKMP SA which itself is identified by the
>    cookies in the ISAKMP header.
>
> But another part, 5.7 "ISAKMP Informational Exchanges" says:
>
>    As noted the message ID in the ISAKMP header-- and used in the prf
>    computation-- is unique to this exchange and MUST NOT be the same as
>    the message ID of another phase 2 exchange which generated this
>    informational exchange.
>
> This does not qualify "unique" in any way.  It does clearly use the
> admonition "MUST NOT".
>
> Hugh Redelmeier
> hugh@mimosa.com  voice: +1 416 482-8253
>
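
Added example, not part of the original thread or of any implementation discussed in it: a Python sketch of how a receiver could audit the Message ID rules quoted above (Phase 1 value of 0, Quick Mode IDs tracked per cookie pair, an informational exchange not reusing a Quick Mode's ID). The class and function names are hypothetical, the packets are constructed header-only samples, and because the wire does not say which Quick Mode "generated" an informational exchange, the check flags a match against any Quick Mode seen on the same ISAKMP SA.

```python
import struct

# ISAKMP header (RFC 2408 section 3.1): initiator cookie, responder cookie,
# next payload, version, exchange type, flags, Message ID (4 octets), length.
HEADER = struct.Struct("!8s8sBBBBII")
PHASE1_TYPES = {2, 4}            # Identity Protection (Main Mode), Aggressive
QUICK_MODE, INFORMATIONAL = 32, 5


def parse_header(packet):
    """Return (sa_key, exchange_type, message_id) for one ISAKMP packet."""
    if len(packet) < HEADER.size:
        raise ValueError("truncated ISAKMP header")
    icookie, rcookie, _np, _ver, xchg, _flags, msgid, length = \
        HEADER.unpack_from(packet)
    if length < HEADER.size:
        raise ValueError("length field smaller than the header")
    return (icookie, rcookie), xchg, msgid


class MessageIdAudit:
    """Hypothetical auditor: tracks Quick Mode Message IDs per ISAKMP SA."""

    def __init__(self):
        self.quick_modes = {}    # (icookie, rcookie) -> set of Message IDs

    def check(self, packet):
        sa, xchg, msgid = parse_header(packet)
        if xchg in PHASE1_TYPES:
            # "During Phase 1 negotiations, the value MUST be set to 0."
            return "ok" if msgid == 0 else "phase1-nonzero-message-id"
        seen = self.quick_modes.setdefault(sa, set())
        if xchg == QUICK_MODE:
            seen.add(msgid)      # identifies this Quick Mode under these cookies
            return "ok"
        if xchg == INFORMATIONAL and msgid in seen:
            # Conservative reading: any Quick Mode on this SA counts as a match.
            return "informational-reuses-quick-mode-id"
        return "ok"


def build(icookie, rcookie, xchg, msgid):
    """Constructed sample packet: ISAKMP header only, no payloads."""
    return HEADER.pack(icookie, rcookie, 0, 0x10, xchg, 0, msgid, HEADER.size)
```

The tracking is keyed on the cookie pair, so the same Message ID appearing under a different ISAKMP SA is not flagged.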


