[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI QUESTION: 6.3, 6.4, 6.5

To: ipsec@lists.tislabs.com, tytso@mit.edu ("Theodore Ts'o")
Subject: Re: SOI QUESTION: 6.3, 6.4, 6.5
From: Tero Kivinen <kivinen@ssh.fi>
Date: Wed, 17 Jul 2002 06:46:27 +0300
Organization: SSH Communications Security Oy
Sender: owner-ipsec@lists.tislabs.com

> 6.3 Future versions of the protocols
> 6.3.A) Should SOI have a mechanism for demanding/requesting that a
> peer use a particular version of IKE/SOI to allow upgrading to new
> versions?

I don't really understand the question...

> 6.4 Code-preservingness
> 6.4.A) Is it important that SOI allow some amounts of an IKEv1
> implementation be reusable when creating an SOI implementation?

Yes.

> 6.5 Extensibility of the protocols
> 6.5.A) Should SOI have mechanisms for allowing extensions to the SOI
> protocol?

Yes, and we should define what to do with unknown extensions, ie what
is expected behavior (ignore, return error, fail). 

> 6.5.B) Should SOI need a way to mark new extensions as critical?
> (i.e. If you don't understand a critical extension you must fail the
> entire negotiation)

Yes.
-- 
kivinen@ssh.fi
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/

Prev by Date: Re: SOI QUESTION: 4.2 Creating multiple SAs for a single pair of entities
Next by Date: agenda?
Prev by thread: Draft Agenda for 7/17/02
Next by thread: agenda?
Index(es):
- Date
- Thread