
Re: Reliable delete notifies



Dan Harkins writes:
>   I'm doing this work for the Working Group and I can't just
> unilaterally declare that Aggressive Mode is out. I was 
> noting that it's out of my drafty-draft. If the Working Group
> wants Aggressive Mode in the protocol then it is in. So let's
> start a discussion. Does the Working Group want to keep
> Aggressive Mode? Is Aggressive Mode "standards bloat" or
> is it a necessary addition to do what Ben wants to do?

When I talked to implementors in the ipsec interop meeting most of
them said that aggressive mode should be REPLACED with base mode.
Aggressive mode has lots of problems. Base mode fixes most of them,
and at the same time allows dynamic ip-addresses for all kinds of
authentication methods.

I would say we get rid of aggressive mode and add base mode instead.
If we are going to keep aggressive mode, then I will say we must not
add base mode, as I think even 2 different modes is a little too much, 3
modes is definitely too much.
-- 
kivinen@ssh.fi                               Work : +358 303 9870
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/

