[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IKE attributes consistency.

To: "Shoichi 'Ne' Sakane" <sakane@ydc.co.jp>
Subject: IKE attributes consistency.
From: Tero Kivinen <kivinen@ssh.fi>
Date: Fri, 15 Dec 2000 21:08:36 +0200 (EET)
Cc: ipsec@lists.tislabs.com, shacham@shacham.net, bobmonsour@home.com, royp@cisco.com, matt@3am-software.com
In-Reply-To: <20001212195528P.sakane@ydc.co.jp>
Organization: SSH Communications Security Oy
References: <20001212195528P.sakane@ydc.co.jp>
Sender: owner-ipsec@lists.tislabs.com

Shoichi 'Ne' Sakane writes:
> we need a consistent rule all over the attribute parsing, so:
> (1) we always attach the same attributes, for all transforms.
> (2) apply suggestion in ippcp draft section 4.1 to all transforms.
>     if there's no attribute, ignore it (if it is mandatory, bark).


The group parameter is attached to quick mode itself not to any
protocol inside the SA proposals. Thats why it the RFC2409 says it
MUST be included in all proposals. I think we should keep it that way,
and fix the draft-shacham-ippcp-rfc2393bis-06 to say that at least
group parameter MUST be accepted there.
-- 
kivinen@ssh.fi                               Work : +358 303 9870
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/

Follow-Ups:

Re: IKE attributes consistency.

From: Abraham Shacham <shacham@juniper.net>

References:

IKE attributes consistency.

From: "Shoichi 'Ne' Sakane" <sakane@ydc.co.jp>

Prev by Date: Re: IPv6 Neighbour Solicitation messages and IPsec
Next by Date: MODP groups draft concern
Prev by thread: IKE attributes consistency.
Next by thread: Re: IKE attributes consistency.
Index(es):
- Main
- Thread