[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: suites vs. a la carte and IPcomp in IKEv2-05

To: IP Security List <ipsec@lists.tislabs.com>, ippcp <ippcp@external.cisco.com>
Subject: Re: suites vs. a la carte and IPcomp in IKEv2-05
From: Charlie_Kaufman@notesdev.ibm.com
Date: Tue, 4 Mar 2003 22:46:33 -0500
Sender: owner-ipsec@lists.tislabs.com

Henry Spencer <henry@spsystems.net> wrote:
> On Mon, 3 Mar 2003, Abraham Shacham wrote:
> > Nowhere in the IKEv2 I-D the issue of using IPComp CPIs from
> > the pre-assigned transform ID range is mentioned, afaik.
>
> The current IKEv2 draft has opted for a more conservative approach than
> what some of the list discussion indicated was possible.  I'm personally
a
> bit disappointed, but I see no grave disadvantages and hence don't feel
> strongly about it.

Let me make sure I understand what you're saying. At one point, I had
proposed allowing multiple IPcomp CPIs to be valid within a single ESP SA.
That way, a sender could try compressing a packet in multiple ways and send
the one that came out the shortest. But no one seemed to get excited about
this capability and several people warned about adding options without a
documented need, so I never added it to the spec.

Is that what you're talking about?

I'm even more reluctant to add functionality now, but would note that it
would not be difficult to add it (optionally) to some future revision of
the protocol.

          --Charlie

Opinions expressed may not even be mine by the time you read them, and
certainly don't reflect those of any other entity (legal or otherwise).

Follow-Ups:
- Re: suites vs. a la carte and IPcomp in IKEv2-05
  - From: Henry Spencer <henry@spsystems.net>

Prev by Date: Re: suites vs. a la carte and IPcomp in IKEv2-05
Next by Date: Re: bidding down attach on NAT-T
Prev by thread: Re: suites vs. a la carte and IPcomp in IKEv2-05
Next by thread: Re: suites vs. a la carte and IPcomp in IKEv2-05
Index(es):
- Date
- Thread