[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: comments on jfk and ikev2 drafts



-----BEGIN PGP SIGNED MESSAGE-----

On Sun, 9 Dec 2001, Michael Richardson wrote:

> | Pretty Good Privacy(tm) Version 6.5.8
> | (c) 1999 Network Associates Inc.
> | Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
> | Export of this software may be restricted by the U.S. government.
> | 
> | File is signed.  signature not checked.
> | Signature made 2001/12/10 04:19 GMT
> | key does not meet validity threshold.
> | 
> | WARNING:  Because this public key is not certified with a trusted
> | signature, it is not known with high confidence that this public key
> | actually belongs to: "(KeyID: 0xE99DD5FD)".
>  
> 
> I had 24 comments about IKEv2, and 8 about JFK. 
> 
> As JFK has not yet defined how selectors are defined, and I regard this as the
> *MAJOR* reason for the marketplace to ask for a replacement for IKEv1, I
> consider the JFK draft to be a very rough -00 draft. The amount of text in it 
> is very small, and would need to double or triple before it could be compared 
> in any to the IKEv2 draft. 
> 
> As far as I can tell, neither proposal yet explains to me how to *add* new
> traffic to an existing IPsec SA without rekeying it. 
> 
I wasn't aware it was supposed to, although it's a feature of huge personal
interest. Is there some text in the drafct I missed? Can you point it out?

jan

 --
Jan Vilhuber                                            vilhuber@cisco.com
Cisco Systems, San Jose                                     (408) 527-0847

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8

iQCVAwUBPBflVVTl7/VM5L39AQHoMwP+Lma4pDHYpXCRYgu5cjzpwpgcDdQb2JuZ
7wRcVq4OJX/q6fa/Tr6sQwMK7lkk2HhiuGrvv9LY9nAcdwP0/JlcKsY2Rq51F4cz
42T/0O1wjtPZpurYjIgee9AjVH/CaXO5/O5xhYbJ65CPNLzISx6RQHJnviWuE9QX
nv4CqRGFw9Y=
=5XRr
-----END PGP SIGNATURE-----



Follow-Ups: References: