[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: SOI QUESTION: 6.5 Extensibility of the protocols
>
> 6.5 Extensibility of the protocols
>
> 6.5.A) Should SOI have mechanisms for allowing extensions to the SOI
> protocol?
Yes
>
> 6.5.B) Should SOI need a way to mark new extensions as critical?
> (i.e. If you don't understand a critical extension you must fail the
> entire negotiation)
Yes
>
> Implications from the Scenarios:
>
> VPN, End-to-End, : <<<Extensions to the IPsec (now known as phase 2)
> parameters are needed in order to negotiate QoS characteristics for
> the various tunnels.>>> [[[6.5]]]
>
> IPS: <<<However, the discussion in [ietf-ips-security-xx.txt] calls out
> requirements for an API, in order to provide a means of pushing
> authentication information to the application (e.g. "this peer was
> authenticated with this cert"), so the application can decide what types
> of transactions are allowed by this peer.>>> [[[6.5]]]
>
> PPVPN/MPLS: <<<it may make sense to expand the set of phase 2
> identifiers to also support an MPLS/VPN identifier (so the entity
> doing the SPD check can be separated from the entity doing the
> encapsulation).>>> [[[6.5]]]
>
> Implications from the Scenarios:
>
> [none]