[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Do we actually need dynamic ports?

To: Michael Richardson <mcr@sandelman.ottawa.on.ca>
Subject: Re: Do we actually need dynamic ports?
From: Jan Vilhuber <vilhuber@cisco.com>
Date: Thu, 4 Apr 2002 17:33:55 -0800 (PST)
cc: <ipsec@lists.tislabs.com>
In-Reply-To: <200204050018.g350IBn04632@marajade.sandelman.ottawa.on.ca>
Sender: owner-ipsec@lists.tislabs.com

On Thu, 4 Apr 2002, Michael Richardson wrote:

> >>>>> "Jan" == Jan Vilhuber <vilhuber@cisco.com> writes:
>     Jan> to try and fold some (not all) of the jenkins rekey-draft into IKEv2,
>     Jan> so that rekey behaviour is spelled out precisely? That would certainly
>     Jan> help.
>
>   Yes/no.
>
>   Yes, we need clear rekeying text.
>   I suggest that we should use the "use keys as soon as they negotiated"
> concept described in draft-spenser-implementation-*.
>

I agree, which is what the 'some (not all)' was for ;) I like most of
the text in tim's draft (and like the philosophy even more, i.e. SPELL
IT OUT DAMMIT), but never quite agreed with 'use the old one until it
expires'.

Are the IKEv2 authors planning on adding a rekey behaviour section? Or
should someone suggest some text (probbaly lifted from tim's draft and
draft-spenser-implementation)?

jan
 --
Jan Vilhuber                                            vilhuber@cisco.com
Cisco Systems, San Jose                                     (408) 527-0847

References:
- Re: Do we actually need dynamic ports?
  - From: Michael Richardson <mcr@sandelman.ottawa.on.ca>

Prev by Date: RE: Do we actually need dynamic ports?
Next by Date: Re: Is TS agreement necessary?
Prev by thread: Re: Do we actually need dynamic ports?
Next by thread: Re: Do we actually need dynamic ports?
Index(es):
- Date
- Thread