[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why is IDAccepted added?

To: ipsec@lists.tislabs.com
Subject: Re: Why is IDAccepted added?
From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
Date: Thu, 28 Nov 2002 09:18:56 -0800
In-Reply-To: <20021128143628.62088.qmail@web15104.mail.bjs.yahoo.com>
References: <20021128143628.62088.qmail@web15104.mail.bjs.yahoo.com>
Sender: owner-ipsec@lists.tislabs.com

At 10:36 PM +0800 11/28/02, king wu wrote:
>In "Adding revised identities to IKEv2" by Paul
>Hoffman, a new payload IDAccepted is added. Who can
>tell me why and give a example?

Certainly. If a responding IPsec system only accepts certificates and 
cannot resolve URLs, the initiating system should not send a 
hash-plus-URL. The IDAccepted method is a way for each side to say 
what kind of IDs are supported before the other side sends its ID. 
This prevents failures that could have been avoided.

--Paul Hoffman, Director
--VPN Consortium

References:
- Why is IDAccepted added?
  - From: =?gb2312?q?king=20wu?= <wmyking49@yahoo.com.cn>

Prev by Date: Why is IDAccepted added?
Next by Date: Re: Counter Mode: Proposed Way Forward
Prev by thread: Why is IDAccepted added?
Index(es):
- Date
- Thread