
Re: IKE must have no Heirs



There is no IPsec (ESP/AH) dependency on IKE.  You can key manually
(which does not use IKE).  There is the KINK work, which is different than
IKE.

There is no reason to turn IKE into its own IP Protocol.  Using
UDP/500 works just fine, and making its own protocol won't accomplish
anything.

-derek

"Horn, Mike" <mhorn@virtela.net> writes:

> Actually that is a poor example, there is no built-in protocol dependency
> for BGP to use OSPF.  And BGP does use TCP (port 179) for communication vs.
> OSPF using a protocol number (89).  IPsec currently has a strong dependency
> on IKE.  I do agree that from a network administration and debugging
> standpoint it would be nice if both IPsec and IKE shared a common protocol
> number.  This would help to simplify firewall configurations, etc.
> 
> Mike Horn 
> 
>  > -----Original Message-----
>  > From: Alex Alten [mailto:Alten@home.com]
>  > Sent: Tuesday, August 07, 2001 3:06 AM
>  > To: Chris Trobridge
>  > Cc: ipsec@lists.tislabs.com
>  > Subject: RE: IKE must have no Heirs
>  > 
>  > 
>  > Think about it.  Do you do OSPF over IP and then BGP over UDP?
>  > The same applies to IPSEC and key management.
>  > 
>  > - Alex
>  > 
>  > At 09:22 AM 8/7/2001 +0100, Chris Trobridge wrote:
>  > >
>  > >
>  > >> -----Original Message-----
>  > >> From: Alex Alten [mailto:Alten@home.com]
>  > >> Sent: 07 August 2001 08:28
>  > >> To: Kory Hamzeh; Hallam-Baker, Phillip
>  > >> Cc: 'mcnelson@mindspring.com'; ipsec@lists.tislabs.com
>  > >> Subject: Re: IKE must have no Heirs
>  > >> 
>  > >> 
>  > >> 
>  > >> I second the motion. And also propose no port number (i.e. do the new
>  > >> one over raw IP).
>  > >> 
>  > >> - Alex
>  > >
>  > >What would that achieve? (communicating over raw IP)
>  > >
>  > >Chris
>  > >
>  > >
>  > >
>  > --
>  > 
>  > Alex Alten
>  > 
>  > Alten@Home.Com
>  > 
>  > 
> 

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available

