[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IKEv2 payload #14
We now have a few folks who see this as a problem, and would prefer a
renumbering of the IKEv2 payloads. Is there any chance for this suggestion to
be considered seriously? I would like to hear a response from those who have
the most say about the final spec. Charlie? Paul? (I don't really know who
should be included in this list.)
This feedback comes from an implementer's perspective. Conflicting payload
numbers are causing me a fairly large amount of difficulty combining v1 and v2
code that I would be very happy to have go away.
> Stephen C. Koehler writes:
> > 3. Move any conflicting payload definitions to new numbers in IKEv2, but
> > don't change the ones that have not changed in structure.
> > 4. Make all IKEv2 payloads have numbers distinct from those in IKEv1,
> > regardless of whether the structure or meaning has changed.
>
> I would say number 3 or 4 are good. Actually I think 4 is better.
>
> > I would very much like for IKEv2 to use option (3). (4) is perhaps overkill,
> > but I could be convinced otherwise.
>
> BTW, this is not only about the paylaod number 14, the payload numbers
> 15, and 16 are used by the draft-ietf-ipsec-nat-t-ike-06.txt for IKEv1
> also...
> --
> kivinen@ssh.fi
> SSH Communications Security http://www.ssh.fi/
> SSH IPSEC Toolkit http://www.ssh.fi/ipsec/
--
Steve Koehler
koehler@securecomputing.com