[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI: selector exclusion lists/ranges

To: Radia Perlman - Boston Center for Networking <Radia.Perlman@sun.com>
Subject: Re: SOI: selector exclusion lists/ranges
From: Jan Vilhuber <vilhuber@cisco.com>
Date: Tue, 27 Nov 2001 15:32:15 -0800 (PST)
cc: mat@cisco.com, rcharlet@redcreek.com, ipsec@lists.tislabs.com
In-Reply-To: <200111272219.RAA13596@bcn.East.Sun.COM>
Sender: owner-ipsec@lists.tislabs.com

On Tue, 27 Nov 2001, Radia Perlman - Boston Center for Networking wrote:

> The IKEv2 spec does both of your wishes :-). See sections 2.9 and 7.13.
> 
Oh.. Right. I missed the part that there can be multiple 'Traffic Selector
Substructure's. Very useful.

If I read and understood it correctly this time, does this make the
ID_RECURSE payload (Bad name.. did I already mention that?! ;) obsolete? At
least for ikev2... 

jan


> Radia
> 
> 
> 	From: Ricky Charlet <rcharlet@redcreek.com>
> 
> 	Michael Thomas wrote:
> 	> Thus I think we should have a requirement which
> 	> states:
> 	> 
> 	> "The protocol MUST have the ability to express
> 	>  port ranges for flow selectors, as well as have
> 	>  the ability to selectively enumerate ports which
> 	>  fall outside of the flow selector."
> 	> 
> 	>       Mike
> 	
> 	
> 	
> 		Ooh, ooh, ooh!! And lists (not restricted to ranges) of subnets 
> bound
> 	to a single SA too please!
> 	
> 

 --
Jan Vilhuber                                            vilhuber@cisco.com
Cisco Systems, San Jose                                     (408) 527-0847

Follow-Ups:

Re: SOI: selector exclusion lists/ranges

From: "Angelos D. Keromytis" <angelos@cs.columbia.edu>

References:

Re: SOI: selector exclusion lists/ranges

From: Radia Perlman - Boston Center for Networking <Radia.Perlman@sun.com>

Prev by Date: Re: SOI: selector exclusion lists/ranges
Next by Date: Re: SOI: selector exclusion lists/ranges
Next by thread: Re: Status of ID: IPsec Flow Monitoring MIB
Index(es):
- Main
- Thread