[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: problems with draft-jenkins-ipsec-rekeying-06.txt



>>>>> "andrew" == andrew krywaniuk <andrew.krywaniuk@alcatel.com> writes:

 >> > Internet drafts are written in a mix of English and jargon;
 >> sometimes the > two languages overlap and it confuses people.
 >> 
 >> I don't actually think that's an issue here...

 andrew> I think it is. There is a mathematical/logical definition of
 andrew> "unique" which goes something like:

 andrew> a is unique in Z if for all b in (Z exclude a) a is not equal
 andrew> to b.

Indeed.  And the real issue actually is that Z has not been defined.

We need to find Z.  Or, more precisely, the smallest sufficient Z.

 >> The primary criterion for choice when resolving ambiguities should
 >> be technical merit, not closeness to the original intent.

 andrew> I disagree here. The time to weigh technical merit is BEFORE
 andrew> the protocol is standardized and everyone has implemented
 andrew> it. Ambiguities should be resolved according to the intent of
 andrew> the clause and the way most people interpreted it.

 andrew> If it turns out that the protocol is actually lacking in
 andrew> technical merit, then it is time to change the protocol. But
 andrew> that should be done in a backwards compatible way that does
 andrew> not break all existing implementations.

Mostly agreed.

Given that we have an existing protocol with existing implementations,
we should:

a. Choose the meaning that "most" have used, if we can find it *and*
if it is technically correct (i.e., secure),

b. Failing that, choose a technically correct interpretation that's
backwards compatible with most of the existing implementations, if
there is one,

c. Failing that, choose a technically correct interpretation (that's
not backwards compatible).

You left out (c) which is the last fallback, but you must have that
one.  (You can't choose backwards compatibility at the expense of
security.) 

     paul


Follow-Ups: References: