[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Agenda for the Minneapolis meeting

To: andrew.krywaniuk@alcatel.com
Subject: Re: Agenda for the Minneapolis meeting
From: Ari Huttunen <Ari.Huttunen@F-Secure.com>
Date: Fri, 16 Mar 2001 18:49:08 +0200
CC: "'Paul Hoffman / VPNC'" <paul.hoffman@vpnc.org>, "'Theodore Tso'" <tytso@mit.edu>, "'Dan Harkins'" <dharkins@cips.nokia.COM>, "'Michael Richardson'" <mcr@sandelman.ottawa.on.ca>, ipsec@lists.tislabs.com
Organization: F-Secure Corporation
References: <000101c0ae32$023fb020$4d31788a@andrewk3.ca.alcatel.com>
Sender: owner-ipsec@lists.tislabs.com

If the protocol is really to be upgraded/simplified, these should be done
- QM ID payloads should be able to support firewall-integration and SCTP
- Re-keying simplified / specified
- Some heartbeat / dead-peer-detection chosen (KISS)
- revised hash thingie
- preferrably base mode replacing aggressive mode
- if PKCS#1 is really to be deprecated by FIPS, something there

Plus smaller issues one way or another, I don't care..

Ari

Andrew Krywaniuk wrote:
> 
> There was also a poll at the San Diego bakeoff about whether IKEv2 was
> allowed to change bits on the wire and the answer was yes.
> 
> That being said, I think we should leave the payload formats alone and just
> tweak how they are used. If I have to change any of the code in my isakmp
> directory, I will be disappointed.
> 
> Andrew
> -------------------------------------------
> Upon closer inspection, I saw that the line
> dividing black from white was in fact a shade
> of grey. As I drew nearer still, the grey area
> grew larger. And then I was enlightened.
> 
> > -----Original Message-----
> > From: owner-ipsec@lists.tislabs.com
> > [mailto:owner-ipsec@lists.tislabs.com]On Behalf Of Paul Hoffman / VPNC
> > Sent: Thursday, March 15, 2001 7:22 PM
> > To: Theodore Tso; Dan Harkins
> > Cc: Michael Richardson; ipsec@lists.tislabs.com
> > Subject: Re: Agenda for the Minneapolis meeting
> >
> >
> > At 6:18 PM -0500 3/15/01, Theodore Tso wrote:
> > >That being said, I believe that if we did do a poll, we would see a
> > >strong mandate for something which is "implementation preserving".
> >
> > That poll was taken a year ago, by you, in Adelaide. If I remember
> > correctly, the result was not what you have said here. The result was
> > that people wanted a new version number in exchange for knowing that
> > it would be much easier to implement.
> >
> > --Paul Hoffman, Director
> > --VPN Consortium
> >

-- 
Ari Huttunen                   phone: +358 9 2520 0700
Software Architect             fax  : +358 9 2520 5001

F-Secure Corporation       http://www.F-Secure.com 

F-Secure products: Integrated Solutions for Enterprise Security

Follow-Ups:

Re: Agenda for the Minneapolis meeting

From: Dan Harkins <dharkins@cips.nokia.COM>

References:

RE: Agenda for the Minneapolis meeting

From: "Andrew Krywaniuk" <andrew.krywaniuk@alcatel.com>

Prev by Date: RE: Agenda for the Minneapolis meeting
Next by Date: Re: Agenda for the Minneapolis meeting
Prev by thread: RE: Agenda for the Minneapolis meeting
Next by thread: Re: Agenda for the Minneapolis meeting
Index(es):
- Main
- Thread