RE: Vendor Extensions

["Dennis Beard" <beardd@nortelnetworks.com>]

RE: Vendor Extensions

Hi Paul,

I took the minutes of the IPsec WG meeting and = Steve's comment was "specific" vendor extensions.  In = other words, if an implementation required the use of Acme company = extension RG v.02 to make the protocol function properly, this would be = considered "inappropriate".  That's how I heard and = interpreted his comment.  Steve was very sure of his remarks as he = quickly went to the microphone when the comment about vendor extensions = was mentioned.

Regards,

Dennis Beard

-----Original Message-----
From: Paul Hoffman / VPNC [<3d.htm>mailto:paul.hoffman@vpnc.org]<= /FONT>
Sent: Tuesday, July 23, 2002 1:48 PM
To: Charlie_Kaufman@notesdev.ibm.com; = ipsec@lists.tislabs.com
Cc: Steve Bellovin; jis@mit.edu
Subject: Re: Vendor Extensions

At 11:44 AM -0400 7/23/02, = Charlie_Kaufman@notesdev.ibm.com wrote:
>  > Steve Bellovin, Security Area = Director, strongly commented that any
>drafts
>>  that contained specific vendor = extensions would cause the IESG to be
>>  concerned and may even cause it to be = rejected.  He states this in his
>  > capacity of Area Director, not as a = co-author of the JFK draft.
>
>Could we get clarification of IESG policy on = vendor extensions and also
>feedback from the working group on their = usefulness?

Did Steve say "vendor extensions" or = "specific vendor extensions"?
Clarification would be helpful here.

>1) Is anyone using the field in IKEv1?

If you do packet dumps while watching many IPsec = systems
interoperate, you will see that many (possibly most) = vendors use them
in IKEv1.

--Paul Hoffman, Director
--VPN Consortium