[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SOI QUESTION: 4.1 Control channel vs. separate protocols
Theodore Ts'o wrote:
> Notes from the chair:
>
> This question basically introduces the various questions raised by
> section 4 of the soi-features document, which goes to one of the biggest
> differences to the JFK and IKEv2 approach.
>
>
> 4. One or two phases
>
> 4.1 Control channel vs. separate protocols
>
> 4.1.A) [Meta question, that will be answered by the other questions in
> section 4.] Does SOI need a control channel for SA management? Or is
> it acceptable to piggy back SA management as a part of other parts of
> the SOI protocol?
Yes, we need a control channel for SA management. Having to start a
complete IKE exchange to delete an SA and for other similar tasks, is
inefficient.
Lakshminath
>
> Implications from the Scenarios:
>
> VPN: <<<This calls out a need for either a two-phased approach for
> SOI, or a single-phased approach that is sufficiently fast, where
> "fast" represents an optimal combination of "number of messages" and
> "computational expenditure".>>> [[[4.1]]]
>
>
>
>