[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (more#4 fwd from ipsec) Re: Handling of IPcomp in IKEv2
As long as the generic case (i.e., negotiating a CPI) is also
supported, all should be okay.
avram
On Mon, 9 Dec 2002, Michael Richardson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
>
> >>>>> "Avram" == Avram Shacham <shacham@shacham.net> writes:
> Avram> Not sure how to read
> >> the CPI was just 2 unnecessary bytes.
>
> Avram> The protocol is built to answer the generic scenarios, and a private case,
> Avram> where the system supports a single compression algorithm and uses no
> Avram> params, is, ahem, a private case, which, as you stated, works.
>
> Yes... I would suggest that the context of it being within an ESP, is
> probably a "semi-private" case... I vote for using the well-known CPIs,
> announced like Henry suggested.
>
> ] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
> ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
> ] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
> ] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.7 (GNU/Linux)
> Comment: Finger me for keys
>
> iQCVAwUBPfU1ZIqHRg3pndX9AQGosQP/eCz+2/ZgMXZMeWseJnUKVqGWA+Y7NZmU
> muQrdYcNapeeJn/hEl7sS6HQOKZpQCpdr7dNGrW2TPNmiiVzWJbYUiJdgMCPRdNz
> GYv6UwEG4Sw/tT3sAGlbEA/OdbMklJ4Bsfw7S3nWzviJRxLqNnfKPDZp6jWQNOp4
> Ln0gRtDRAho=
> =1J0h
> -----END PGP SIGNATURE-----
>