[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New traffic Selectors in RFC2401bis

To: "Mohan Parthasarathy" <mohanp@sbcglobal.net>
Subject: Re: New traffic Selectors in RFC2401bis
From: Stephen Kent <kent@bbn.com>
Date: Mon, 17 Nov 2003 09:19:08 -0500
Cc: <ipsec@lists.tislabs.com>
In-reply-to: <008201c3acb4$872b79d0$6401a8c0@adithya>
References: <008201c3acb4$872b79d0$6401a8c0@adithya>
Sender: owner-ipsec@lists.tislabs.com

At 18:43 -0800 11/16/03, Mohan Parthasarathy wrote:
>Hello,
>
>RFC2401bis defines ICMP type and code as selector. AFAIK, this itself can be
>negotiated
>only using IKEv2 traffic selector and one cannot use IKEv1 ID payload. If
>this is correct,
>is it worth clarifying in the document ? I can see that the IKE reference
>has been removed
>currently. I assume that both IKE versions will be referenced in the future
>revision. In that
>case it might be worth clarifying the issue i guess. Not sure what else is
>IKEv2 specific.
>
>thanks
>mohan

Mohan,

In general, 2401bis is closely aligned with features of IKEv2.  The 
new structure of SPD entries allows one SA to represent several, 
distinct S/D address pairs or port ranges, etc. This too cannot be 
negotiated with IKE v1. In general, 2401bis represents an updating of 
2401 that also assumes use of IKE v2 vs. v1.

Steve

Follow-Ups:
- Re: New traffic Selectors in RFC2401bis
  - From: "Mohan Parthasarathy" <mohanp@sbcglobal.net>

References:
- New traffic Selectors in RFC2401bis
  - From: "Mohan Parthasarathy" <mohanp@sbcglobal.net>

Prev by Date: Re: PMTU discovery for tunnels: issues 78, 49, 81
Next by Date: Re: PMTU discovery for tunnels: issues 78, 49, 81
Previous by thread: New traffic Selectors in RFC2401bis
Next by thread: Re: New traffic Selectors in RFC2401bis
Index(es):
- Date
- Thread