
comment on draft-ietf-ipsec-udp-encaps-07.txt




According to the udp encapsulation draft, 

2. Packet Formats

2.1  UDP-encapsulated ESP Header Format
....
The UDP header is a standard [RFC 768] header, where
- Source Port and Destination Port MUST be the same as used by
   IKE traffic.

But, one of the ports must be 4500 on the wire. And the destination
port seen by any implementation must be 4500. There seems to be some
implication that encapsulation could happen over port 500. I think the 
language should be tightened so that this only happens over port 4500
(and an ephemeral port in some cases). I think this could lead to
possible interoperability problems otherwise.


chris stillson
IPSEC crypto monkey
x82477

Note: Preceding comments written by an engineer. There is nothing
to read into them. He really has no hidden motives or agendas.

1.Right Understanding 2.Right Thoughts 3.Right Speech 4.Right Action 
5.Right Livelihood 6.Right Effort 7.Right Mindfulness 8.Right Concentration 
--Please inform author if he has forgotten about any of these