
Re: IKE v2 Requirements and backwards compatibility



On Tue, 18 Dec 2001, Tylor Allison wrote:
> > > > (b) An IKE1-only responder must reliably reject attempts to use IKE2
> > > > to it.
> 
> What complicates the matter more is that even if the responder sends back a
> notify with the proper INVALID-MAJOR-REVISION set... this notify cannot be
> authenticated, and is not guaranteed to be delivered.  This does not
> constitute a "reliable rejection" by the responder... at least not a
> rejection that can be determined by the initiator.

It's rare that an IKE rejection can be determined by the initiator, so I
was not considering that a requirement.  The intended requirement is that
it be 100% certain (i.e., reliable) that an IKE1-only responder will not
misinterpret an IKE2 message as calling for some random set of IKE1
operations. 

> My point: IKEv1 does not adequately specify what must be done in error
> conditions during each step of the negotiation.  Should this be a
> requirement for SOI?  I believe that it should...

This would certainly be helpful.  More helpful yet would be some reliable
way of notifying the other end about such problems... but that is most
likely too much to hope for.

                                                          Henry Spencer
                                                       henry@spsystems.net
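
The requirement discussed in this message, that an IKE1-only responder never interprets an IKE2 message as IKE1 operations, sketched as an added example (not part of the original message or of any implementation). It assumes an IKE2 message reuses the RFC 2408 ISAKMP header layout with major version 2; the function names and the sample message are constructed for illustration.

```python
import struct

ISAKMP_HDR = struct.Struct("!8s8sBBBBII")  # RFC 2408 section 3.1 header, 28 bytes
SUPPORTED_MAJOR = 1                         # this responder speaks IKE1 only
INVALID_MAJOR_VERSION = 5                   # RFC 2408 notify message type
IKE1_EXCHANGES = {2: "main-mode", 4: "aggressive-mode", 5: "informational"}


def naive_dispatch(datagram):
    """Flawed: picks an IKE1 handler without looking at the version byte."""
    fields = ISAKMP_HDR.unpack_from(datagram)
    return IKE1_EXCHANGES.get(fields[4], "unknown")


def gated_dispatch(datagram):
    """Return (action, detail); the major version is checked before any
    other field is given an IKE1 meaning."""
    if len(datagram) < ISAKMP_HDR.size:
        return ("drop", "short header")
    (_icookie, _rcookie, _next_payload, version, exchange,
     _flags, _msg_id, length) = ISAKMP_HDR.unpack_from(datagram)
    major = version >> 4                    # high nibble is the major version
    if major != SUPPORTED_MAJOR:
        # The notify is unauthenticated and may never arrive; the guarantee
        # is local: no IKE1 handler is ever reached for this message.
        return ("reject", INVALID_MAJOR_VERSION)
    if length != len(datagram):
        return ("drop", "length mismatch")
    if exchange not in IKE1_EXCHANGES:
        return ("drop", "unsupported exchange")
    return ("process", IKE1_EXCHANGES[exchange])


def build_message(major, minor, exchange, body=b""):
    """Constructed sample: fixed initiator cookie, zero responder cookie."""
    return ISAKMP_HDR.pack(b"\x11" * 8, bytes(8), 1, (major << 4) | minor,
                           exchange, 0, 0, ISAKMP_HDR.size + len(body)) + body


if __name__ == "__main__":
    # Assumed IKE2 message whose exchange-type byte collides with Main Mode.
    ike2 = build_message(2, 0, 2)
    print("naive:", naive_dispatch(ike2))
    print("gated:", gated_dispatch(ike2))
    print("ike1 :", gated_dispatch(build_message(1, 0, 2)))
```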


