[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
2401bis Issue #71 -- Add definition of reserved SPIs
Folks,
Here's a description and proposed approach for:
IPsec Issue #: 71
Title: Add definition of reserved SPIs
Description:
============
The definition of reserved SPIs is in the ESP and AH specs and not in
2401. Per private email from Steve Bellovin, it should be added to
2401bis.
Proposed approach:
==================
Add text (based on text in AH and ESP) along the lines of:
"The set of SPI values in the range 1 through 255 are reserved by the
Internet Assigned Numbers Authority (IANA) for future use. A
reserved SPI value will not normally be assigned by IANA unless the
use of the assigned SPI value is specified in an RFC. The SPI value
of zero (0) is reserved for local implementation-specific use and
MUST NOT be sent on the wire. For example, a key management
implementation MAY use the zero SPI value to mean "No Security
Association Exists" during the period when the IPsec implementation
has requested that its key management entity establish a new SA, but
the SA has not yet been established."
Thank you,
Karen