[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IKEv2 issue #16



Angelos's summary of open issues included:

 16: (Negotiate ToS in IKEv2)

This issue is marked as closed without adding any negotiation
support, and (IMHO) that's the right approach.  As I understood
the list discussion, the support for parallel SAs with the identical
traffic selectors introduced as part of resolving issue #64 is the
only IKEv2 mechanism required - given this, implementations can do
what they like in distributing traffic among parallel SAs that they
set up, so nothing more is needed (aside from my previous message
on adding a warning against the use of the IKEv1 rekeying heuristic).

IKEv2 is a security protocol and I strongly believe that it should
not be trying to do QoS negotiation for a number of reasons,
including preservation of the sanity of all involved :-).

Thanks,
--David
----------------------------------------------------
David L. Black, Senior Technologist
EMC Corporation, 176 South St., Hopkinton, MA  01748
+1 (508) 293-7953             FAX: +1 (508) 293-7786
black_david@emc.com        Mobile: +1 (978) 394-7754
----------------------------------------------------