Re: 2401bis issues

[Tero Kivinen <kivinen@ssh.fi>]

Mark Duffy writes:
> At 12:32 PM 10/14/2003 -0400, Angelos D. Keromytis wrote:
> >Issue 81 ("Handling outbound red fragments"): marked as possible reject
> >Rationale: since we decided not to adopt issue 49 ("red-side fragmentation
> >            option"), it doesn't make much sense to treat red fragments in 
> > this
> >            way. Yell if you disagree.
> Does this mean that having 2401bis permit red-side fragmentation is 
> rejected, or just that the special treatment that was proposed for the 
> fragments (separate SAs for them) is rejected?

The proposed resolution in issue 49 is:
----------------------------------------------------------------------
Proposed resolution:

	Because of this limitation, we do not plan to change 2401 to make
	provision for receipt of red side fragments as a special case.
----------------------------------------------------------------------

I.e there will not be special flag for SA that means that red
fragments OK for this SA. So if red fragments are not going to have
special inbound handling the issue 81 which proposed creating special
SA for outbound to them should be reject too.

So the special treatment was proposed. I don't think we have any issue
in the issue tracker about whether the 2401bis should or should not
permit red-side fragmentation.
-- 
kivinen@ssh.fi
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/