[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

v7 nits

To: ipsec@lists.tislabs.com
Subject: v7 nits
From: "jpickering@creeksidenet.com" <jpickering@creeksidenet.com>
Date: Tue, 20 May 2003 13:29:14 -0400
Sender: owner-ipsec@lists.tislabs.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; m18) Gecko/20001108 Netscape6/6.0


As long as we are still stuck in the bogs of identity usage, a
couple of points of v7 clarification would be also appreciated:

Text on protocol for notifications states:

   For notifications
     concerning IPsec SAs this field will contain either (2)
     to indicate AH or (3) to indicate ESP. For notifications
     for which no protocol ID is relevant, this field MUST be
     sent as zero and MUST be ignored.

What about "no prop chosen" for child props that include both
AH and ESP? What about "ipcomp supported" requests with
both AH and ESP props? I would claim that protocol ID is
not relevant, but the sentence above says I still need a "2" or "3".
Also, what SPI in these cases?

For "nat detection source/dest ip" notifies, text says to hash SPIs,
address and port. Which spis are to be used and in which order?

Jeff

Prev by Date: Re: IPSec Implementation
Next by Date: State of IPSec NAT Traversal drafts?
Prev by thread: Re: draft-ietf-ipsec-ikev2-algorithms-00.txt
Next by thread: State of IPSec NAT Traversal drafts?
Index(es):
- Date
- Thread