
Contradictory language in the 2401bis draft section 4.1?



Am I misreading the text?  I believe there is contradictory text in
section 4.1 (draft-ietf-ipsec-rfc2401bis-02.txt).

On one hand, in the third full paragraph on page 10, I read:

"... transport mode MAY be used between security gateways or between a
security gateway and a host."

On the other hand, in the paragraph that spans pages 11 and 12, I read:

"In general, whenever either end of a security association is a security
gateway, the SA MUST be tunnel mode."

I suspect the text following this sentence (citing an example of SNMP
commands destined to the security gateway system) clarifies this.  Still,
I wonder whether I am entirely alone in finding the text somewhat confusing.

                    - Ken