[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Notify SPI field specifications
> Let me state again that it is just these sorts of things
> that will be
> solved by having a single document to describe key
> management. The generic
> language/transport (RFC2408) with a generic key exchange
> (RFC2409) on top
> with a specific service (RFC2407) on top of that does not work. Things
> that are required for the service have to be defined in the
> language or
> key exchange. The commit bit is another example. The entire
> layering is
> artificial and the source of this sort of confusion. That is
> being rectified.
Or so we keep hearing...
Merging the documents is not a magic wand you can wave in order to make the
documents clearer; you actually have to write the text clearly and
unambiguously.
Perhaps the problem is that RFC2409 didn't need to be a generic key
exchange. Isn't it possible that only one of the 3 documents is confusing?
Criticizing your own document due to circumstances beyond your control seems
like passing the buck.
I keep hearing, without substantiation, that having a DOI has greatly
complicated IKE. However, I have noticed that 4 other groups have exploited
this feature to create keying protocols with much reduced effort, and all
without any extra work by me.
> "I personally think it is very dangerous to organize
> referendums when you're not sure to win them"
> -- Louis Michel, President of the European Union
You can aways hold another referendum next year, and keep holding them once
every few years until you win.
Andrew
-------------------------------------------
Upon closer inspection, I saw that the line
dividing black from white was in fact a shade
of grey. As I drew nearer still, the grey area
grew larger. And then I was enlightened.
Follow-Ups:
References: