[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IKE V2 Open Issues







"Theodore Ts'o" <tytso@mit.edu> wrote:
> On Fri, Apr 11, 2003 at 10:16:13AM -0400, Uri Blumenthal wrote:
> > >
> > >However, another benefit for using two payload types: it makes it
> > >easier for protocol analyzers like tcpdump or ethereal.  They can
> > >differentiate the cookie request N(COOKIE_REQUIRED{cookie}) from a
> > >cookie response N(COOKIE{cookie}) to aid in analysis and debugging...
> > >A small benefit indeed, but a tangible one for, IMHO, little
> > >additional coding.  You have to have the code to parse the packet
> > >either way -- whether you look for IKEV2_NOTIFY_COOKIE or
> > >..._COOKIE_REQUIRED is a one-line change.
> >
> > OK, sold. I'm convinced in the value of COOKIE_REQUIRED and
> > support it.
> >
>
> There hasn't been much other discussion on the list, but in the
> absence of other comments, it seems to make sense to go with this
> proposal, although it does require defining a new number for
> COOKIE_REQUIRED.

Done!

          --Charlie

Opinions expressed may not even be mine by the time you read them, and
certainly don't reflect those of any other entity (legal or otherwise).