[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

New SOI features draft



Thanks to the IKEv2 and JFK folks, and Paul Hoffman for developing the SOI 
features document. Ted and I would like to urge you to read it and to 
discuss it on the list. We need to decide which features are important to 
SOI so that we can move forward with the protocol design work. On page 3 of 
the document, there are three identified core differences between IKEv2 and 
JFK: 1) whether the protocol has one phase or two phases, 2) how DoS 
attacks are thwarted, and 3) the use of shared secret authentication. 
According to the document, one path the working group can take is to decide 
which of these three differences is important and to then select among the 
remaining features.

The scenarios where IPsec/IKE is being used, as described in Cheryl's 
document, are not included in the features document. Therefore, one area we 
must explore is the match between the above 3 differentiating qualities and 
the community's use and expectation of IPsec/IKE. Is there an installed 
base that expects these features to be present, and given the answer, what 
does the working group want to do.

Let's see if we can come to consensus in the next month. This would allow 
some time for a new or updated protocol draft to be prepared prior to the 
July IETF meeting.

thanks,
Barb