[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AHbis WG LC: need for source address based selectors

To: "James Kempf" <kempf@docomolabs-usa.com>, "Tero Kivinen" <kivinen@ssh.fi>
Subject: Re: AHbis WG LC: need for source address based selectors
From: Stephen Kent <kent@bbn.com>
Date: Wed, 18 Jun 2003 23:32:04 -0400
Cc: "Pekka Nikander" <pekka.nikander@nomadiclab.com>, <ipsec@lists.tislabs.com>, "Barbara Fraser" <byfraser@cisco.com>, <tytso@mit.edu>, "SEND WG" <ietf-send@standards.ericsson.net>, kent@bbn.com
In-Reply-To: <00e001c335a9$4bef1250$4204300a@DCLKEMPFTP>
References: <4.3.2.7.2.20030526181608.04a3df00@mira-sjc5-4.cisco.com><3EED762C.5060306@nomadiclab.com> <p05100306bb14fc36d878@[128.89.88.34]><16111.40043.641263.120711@ryijy.hel.fi.ssh.com><p05210608bb157a10eea5@[12.159.173.182]><00e001c335a9$4bef1250$4204300a@DCLKEMPFTP>
Sender: owner-ipsec@lists.tislabs.com

At 7:52 AM -0700 6/18/03, James Kempf wrote:
>Steve,
>
>>  The primary motivation in the IETF for developing standards is to
>>  promote interoperability. What you seem to suggest is a that we not
>>  preclude someone from saying that they comply with IPsec, even
>though
>>  they would be following a demuxing policy that is not used in any
>>  extant implementations and thus would not be interoperable with any
>>  of these implementations.  This does not promote interoperability;
>>  all it does is allow someone to claim conformance with a standard.
>>  That does not seem constructive and, as I noted, it only add to
>>  complexity.
>>
>>  Am I missing something in your suggestion?
>>
>
>I read Tero's suggested text as only applying to a new SPI in the
>reserved region. It would therefore promote interoperability for that
>SPI, but should not impact any other. Perhaps the text needs to be
>strengthened to make this clearer?
>
>             jak

reserved SPIs are a holdover from the early days of IPsec and are 
generally not used. But, the change in processing that has been 
proposed is simply not consistent with the overall IPsec processing 
model and saying that it applies to only this one SPI does not make 
life better. I'm afraid that this is just a bad fit.

Steve

References:
- AHbis WG LC: need for source address based selectors
  - From: Pekka Nikander <pekka.nikander@nomadiclab.com>
- Re: AHbis WG LC: need for source address based selectors
  - From: Stephen Kent <kent@bbn.com>
- Re: AHbis WG LC: need for source address based selectors
  - From: Tero Kivinen <kivinen@ssh.fi>
- Re: AHbis WG LC: need for source address based selectors
  - From: Stephen Kent <kent@bbn.com>
- Re: AHbis WG LC: need for source address based selectors
  - From: "James Kempf" <kempf@docomolabs-usa.com>

Prev by Date: Re: Comments on draft-ietf-ipsec-rfc2402bis-03.txt based on SEND WG experiences
Next by Date: Re: Comments on draft-ietf-ipsec-rfc2402bis-03.txt based on SENDWG experiences
Prev by thread: Re: AHbis WG LC: need for source address based selectors
Next by thread: Re: AHbis WG LC: need for source address based selectors
Index(es):
- Date
- Thread