[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Why is the length of transform ID 2 octets in IKEv2?

To: ipsec@lists.tislabs.com
Subject: Why is the length of transform ID 2 octets in IKEv2?
From: "Dondeti, Lakshminath" <ldondeti@nortelnetworks.com>
Date: Mon, 12 Jan 2004 11:48:16 -0500
In-reply-to: <200401072101.QAA01462@ietf.org>
References: <200401072101.QAA01462@ietf.org>
Sender: owner-ipsec@lists.tislabs.com
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5) Gecko/20031007

Hi,

The length of the transform ID is 2 octets  in IKEv2 (was 2 octets in 
00, changed to 1 octet in 01, and back to 2 octets in 08 and stayed that 
way) whereas it is 1 octet in 2408.  I am curious about the reasoning 
behind the change(s).  Do we really need 2 octets for this field?

regards,
Lakshminath

Internet-Drafts@ietf.org wrote:

>A New Internet-Draft is available from the on-line Internet-Drafts directories.
>This draft is a work item of the IP Security Protocol Working Group of the IETF.
>
>	Title		: Internet Key Exchange (IKEv2) Protocol
>	Author(s)	: C. Kaufman
>	Filename	: draft-ietf-ipsec-ikev2-12.txt
>	Pages		: 102
>	Date		: 2004-1-7
>	
>This document describes version 2 of the Internet Key Exchange (IKE)
>protocol.  IKE is a component of IPsec used for performing mutual
>authentication and establishing and maintaining security
>associations.
>This version of the IKE specification combines the contents of what
>were previously separate documents, including ISAKMP (RFC 2408), IKE
>(RFC 2409), the Internet DOI (RFC 2407), NAT Traversal, Legacy
>authentication, and remote address acquisition.
>Version 2 of IKE does not interoperate with version 1, but it has
>enough of the header format in common that both versions can
>unambiguously run over the same UDP port.
>
>A URL for this Internet-Draft is:
>http://www.ietf.org/internet-drafts/draft-ietf-ipsec-ikev2-12.txt
>
>To remove yourself from the IETF Announcement list, send a message to 
>ietf-announce-request with the word unsubscribe in the body of the message.
>
>Internet-Drafts are also available by anonymous FTP. Login with the username
>"anonymous" and a password of your e-mail address. After logging in,
>type "cd internet-drafts" and then
>	"get draft-ietf-ipsec-ikev2-12.txt".
>
>A list of Internet-Drafts directories can be found in
>http://www.ietf.org/shadow.html 
>or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
>
>
>Internet-Drafts can also be obtained by e-mail.
>
>Send a message to:
>	mailserv@ietf.org.
>In the body type:
>	"FILE /internet-drafts/draft-ietf-ipsec-ikev2-12.txt".
>	
>NOTE:	The mail server at ietf.org can return the document in
>	MIME-encoded form by using the "mpack" utility.  To use this
>	feature, insert the command "ENCODING mime" before the "FILE"
>	command.  To decode the response(s), you will need "munpack" or
>	a MIME-compliant mail reader.  Different MIME-compliant mail readers
>	exhibit different behavior, especially when dealing with
>	"multipart" MIME messages (i.e. documents which have been split
>	up into multiple messages), so check your local documentation on
>	how to manipulate these messages.
>		
>		
>Below is the data which will enable a MIME compliant mail reader
>implementation to automatically retrieve the ASCII version of the
>Internet-Draft.
>
>  
>

Follow-Ups:
- Why is the length of transform ID 2 octets in IKEv2?
  - From: Tero Kivinen <kivinen@iki.fi>

References:
- I-D ACTION:draft-ietf-ipsec-ikev2-12.txt
  - From: Internet-Drafts@ietf.org

Prev by Date: I-D ACTION:draft-ietf-ipsec-ikev2-iana-01.txt
Next by Date: Re: IKEv1 and multiple SAs ?
Previous by thread: I-D ACTION:draft-ietf-ipsec-ikev2-12.txt
Next by thread: Why is the length of transform ID 2 octets in IKEv2?
Index(es):
- Date
- Thread