RE: I-D ACTION:draft-ietf-ipsec-sctp-04.txt
Hi!
I'm sorry about the late response, but I have a couple of comments.
Usage of ID_LIST has not been defined explicitly:
   Define a new type of ID, ID_LIST, that allows for recursive
   inclusion of IDs. Thus, the IKE Phase 2 Initiator ID for an SCTP
   association MAY be of type ID_LIST, which would in turn contain as
   many ID_IPV4_ADDR IDs as necessary to describe Initiator addresses;
   likewise for Responder IDs. Note that other selector types MAY be
   used when establishing SAs for use with SCTP, if there is no need
   to use negotiate multiple addresses for each SCTP endpoint (i.e.,
   if only one address is used by each peer of an SCTP flow).
   Implementations MUST support this new ID type.
I think that use of ID_LIST must be required if an SCTP endpoint uses
multiple addresses. This could be a more explicit definition:
   Implementations MUST support a new type of ID, ID_LIST, that allows
   for recursive inclusion of IDs. The IKE Phase 2 Initiator ID for
   an SCTP association MUST be of type ID_LIST, if there is need to
   negotiate multiple addresses for each SCTP endpoint (i.e., if multiple
   addresses are used by each peer of an SCTP flow). Note that other
   selector types MAY be used when establishing SAs for use with SCTP,
   if there is no need to use negotiate multiple addresses for each
   SCTP endpoint. ID_LIST contains as many ID types (e.g. ID_IPV4_ADDR)
   necessary to describe Initiator addresses; likewise for Responder
   IDs.
I would like to ask about the required ID types. The draft specifies:
   ID_LIST IDs cannot appear inside ID_LIST ID payloads. Any of the
   ID types defined in [RFC2407] can be included inside an ID_LIST ID.
   Each of the IDs contained in the ID_LIST ID must include a complete
   Identification Payload header.
What are the required ID types? Is it necessary to support all or some
of the ID types, which are listed in [RFC2407]?
/Juha Ollila