
Re: (More) immediate changes to help interop problems?



I agree. I also would like to see the commit bit gone (not many people
support it anyway, nor do it right).

I think the fact we still have bakeoffs to test IKE interop tells us that
we need to simplify what we have.

At one IETF, I was sure I heard a call and a straw vote for IKE revved to V2,
with the new hash, and additional changes. I would like to fix those things
we can fix now, allowing current users to continue to use IKE, while we
debate a new, and improved key exchange.

My 2 cents
Scott
----- Original Message -----
From: "Geoffrey Huang" <ghuang@cisco.com>
To: <ipsec@lists.tislabs.com>
Sent: Wednesday, August 08, 2001 1:57 AM
Subject: (More) immediate changes to help interop problems?


> Hi there,
>
> So I've seen many messages concerning long-term development for the next
> IKE, but what happened to discussion on fixing some shortcomings that
> immediately affect interoperability?  Andrew K. mentioned a few yesterday
> during his presentation, but off the top of my head, I can think of a few
> ambiguities:
>
> - Rekeying/Ph. 1 Responder Lifetime
> - Unreliable Delete/Notifies
> - Optional Cert Request Payload
> - Some way to detect dead peers/stale SAs
>
> I'm just thinking of issues in currently deployed scenarios...
>
> -g
>


