[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IKEv2: active user identity protection

Hash: SHA1

Tero Kivinen wrote:

| I think this can be solved as separate extension to IKEv2, there is no
| need to put it in the IKEv2 base document. We MUST say "no more
| features" to IKEv2 some day, and that day has already gone.
| Also as this issue was already discussed earlier on the mailing list
| and the decision about was made that this will not make the IKEv2
| document, I do not think it is usefull to continue this discussion on
| this issue now.

I appreciate the desire to contain discussions, but let's be very clear
about this: this issue was raised as part of last call for IKEv2, and a
significant number of folks have offered support for the notion that
this is a significant shortcoming in the current spec. It is
inappropriate to simply quash the discussion because you don't like the

If last call has degenerated to a symbolic gesture which is not intended
to really flush out final issues, then I guess you are within your
rights. Otherwise, what is the resolution process when issues such as
these are raised? I'm not sure what the appropriate procedure is here,
but this is important. Do we need to take it to the IESG, or can we
solve it here?


Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Using GnuPG with Netscape - http://enigmail.mozdev.org