[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IKE must have no Heirs



So, what do we propose to those that are using IKE right now (like
customers). Oops, sorry, its too complex. Maybe next time?

I suggest that we look at the documents that describe the improvements, and
ask the implementors (the ones confused by the complexity) how the standards
body can work to make their job easier (A clearly defined state machine
would be nice, with less SHOULDs' and more MUSTs).

Also, any changes should keep in mind an easy transition to "Son of Ike" so
that deploying the less complex version of IKE, does not create more
complexity.

Scott
----- Original Message -----
From: "Alex Alten" <Alten@home.com>
To: "Chris Trobridge" <CTrobridge@baltimore.com>
Cc: <ipsec@lists.tislabs.com>
Sent: Tuesday, August 07, 2001 2:05 AM
Subject: RE: IKE must have no Heirs


> Think about it.  Do you do OSPF over IP and then BGP over UDP?
> The same applies to IPSEC and key management.
>
> - Alex
>
> At 09:22 AM 8/7/2001 +0100, Chris Trobridge wrote:
> >
> >
> >> -----Original Message-----
> >> From: Alex Alten [mailto:Alten@home.com]
> >> Sent: 07 August 2001 08:28
> >> To: Kory Hamzeh; Hallam-Baker, Phillip
> >> Cc: 'mcnelson@mindspring.com'; ipsec@lists.tislabs.com
> >> Subject: Re: IKE must have no Heirs
> >>
> >>
> >>
> >> I second the motion. And also propose no port number (i.e. do the new
> >> one over raw IP).
> >>
> >> - Alex
> >
> >What would that achieve? (communicating over raw IP)
> >
> >Chris
> >
> >
>
>---------------------------------------------------------------------------
> --------------------------------------
> >The information contained in this message is confidential and is intended
> >for the addressee(s) only.  If you have received this message in error or
> >there are any problems please notify the originator immediately.  The
> >unauthorized use, disclosure, copying or alteration of this message is
> >strictly forbidden. Baltimore Technologies plc will not be liable for
> direct,
> >special, indirect or consequential damages arising from alteration of the
> >contents of this message by a third party or as a result of any virus
being
> >passed on.
> >
> >In addition, certain Marketing collateral may be added from time to time
to
> >promote Baltimore Technologies products, services, Global e-Security or
> >appearance at trade shows and conferences.
> >
> >This footnote confirms that this email message has been swept by
> >Baltimore MIMEsweeper for Content Security threats, including
> >computer viruses.
> >
> >
> --
>
> Alex Alten
>
> Alten@Home.Com
>
>



References: