
RE: exchange type 6?



Oh come on, Dan. Get off your high horse (and stop pretending you had never
heard of mode config before).

I find it quite odd that you continue to harp on this issue when just a few
months ago Derrell was asking IANA to make an exception to the assigned
numbers for AES (see
http://www.vpnc.org/ietf-ipsec/mail-archive/msg01675.html).

At the last SAAG meeting, someone suggested that we should continue to make
DSA a MUST in order to punish those people who only implemented RSA.
However, Jeff made the decision that since there were 5 times as many RSA
implementations as DSA, it was far more practical just to make RSA a MUST.

People make mistakes. The rules are flexible, so why go out and
intentionally create an interoperability issue where none existed before
(remember that this will also punish the people who implement the future
exchange mode which is legitimately awarded the number 6).

Andrew
-------------------------------------------
Upon closer inspection, I saw that the line
dividing black from white was in fact a shade
of grey. As I drew nearer still, the grey area
grew larger. And then I was enlightened.


> -----Original Message-----
> From: owner-ipsec@lists.tislabs.com
> [mailto:owner-ipsec@lists.tislabs.com]On Behalf Of Dan Harkins
> Sent: Tuesday, February 20, 2001 10:47 PM
> To: Gaurav Khanna
> Cc: jeff; ipsec@lists.tislabs.com
> Subject: Re: exchange type 6?
>
>
>   Neither of which make it OK to steal a reserved value. Nortel can
> do it too and it still isn't right.
>
>   Dan.
>
> On Tue, 20 Feb 2001 18:55:08 PST you wrote
> > I have seen it in drafts that don't expire till April and have been
> > implemented elsewhere than Cisco.
> > /Gaurav Khanna
> >
> > -----Original Message-----
> > From: Dan Harkins [mailto:dharkins@potassium.cips.nokia.com]
> > Sent: Tuesday, February 20, 2001 4:32 PM
> > To: jeff
> > Cc: ipsec@lists.tislabs.com
> > Subject: Re: exchange type 6?
> >
> >
> >   A Cisco implementation? That's regrettable. Somebody must've put it
> > there after I left because I didn't do it. Exchange #6 is reserved for
> > "ISAKMP Future Use" but a now-expired internet draft used it. The
> > procedure is to use a "private use" number for drafts and if it is
> > advanced it is awarded a real number by IANA. It is for this reason--
> > some drafts have problems and are never advanced so it is unwise to
> > tie up magic numbers for evolutionary dinosaurs-- that these rules were
> > put in place.
> >
> >   Hopefully the next exchange that is advanced will be awarded 6 and all
> > those people who implemented the now-expired internet draft will be SOL.
> >
> >   Dan.
> >
> > On Tue, 20 Feb 2001 13:13:05 PST you wrote
> > > Has ISAKMP exchange type #6 been defined? I've seen this
> > > transmitted by a Cisco IPSec implementation.
> > >
> > > Thanks,
> > >
> > > Jeff Enderwick
> > >
>
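
For readers who want to check what exchange type a peer is actually sending, the following is an added example, not part of the original thread or of any implementation mentioned in it. It parses the 28-byte ISAKMP fixed header from RFC 2408 section 3.1 and flags exchange types in the "ISAKMP Future Use" range (6-31); the function names and the sample headers are constructed for illustration.

```python
import struct

# ISAKMP fixed header, RFC 2408 section 3.1: 28 bytes, network byte order.
# cookies (8+8), next payload, version, exchange type, flags, message ID, length
HEADER = struct.Struct("!8s8sBBBBII")

DEFINED = {0: "NONE", 1: "Base", 2: "Identity Protection",
           3: "Authentication Only", 4: "Aggressive", 5: "Informational"}
# Unassigned ranges from the RFC 2408 exchange-type table.
RANGES = [(6, 31, "ISAKMP Future Use"),
          (32, 239, "DOI Specific Use"),
          (240, 255, "Private Use")]


def classify_exchange_type(value):
    """Return the RFC 2408 name or range name for a one-byte exchange type."""
    if value in DEFINED:
        return DEFINED[value]
    for low, high, name in RANGES:
        if low <= value <= high:
            return name
    raise ValueError("exchange type must fit in one byte")


def inspect_header(datagram):
    """Parse the fixed header of one UDP/500 payload and flag reserved values."""
    if len(datagram) < HEADER.size:
        raise ValueError("truncated ISAKMP header")
    _ic, _rc, _np, version, xchg, _flags, msg_id, length = HEADER.unpack_from(datagram)
    if length < HEADER.size:
        raise ValueError("length field smaller than the header itself")
    category = classify_exchange_type(xchg)
    return {"version": (version >> 4, version & 0x0F),
            "exchange_type": xchg,
            "category": category,
            "message_id": msg_id,
            # A "Future Use" value on the wire is a number nobody was awarded.
            "reserved_in_use": category == "ISAKMP Future Use"}


def make_header(xchg):
    # Constructed sample: cookies, next payload and message ID are made-up values.
    return HEADER.pack(b"\x11" * 8, b"\x22" * 8, 8, 0x10, xchg, 0, 0x1234, HEADER.size)


if __name__ == "__main__":
    for xchg in (2, 6, 240):
        info = inspect_header(make_header(xchg))
        print(xchg, info["category"], "FLAG" if info["reserved_in_use"] else "ok")
```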


