[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Some IKEv2 issues

To: Charles Lynn <clynn@bbn.com>
Subject: Re: Some IKEv2 issues
From: Tero Kivinen <kivinen@iki.fi>
Date: Wed, 18 Feb 2004 23:09:40 +0200
Cc: ipsec@lists.tislabs.com
In-reply-to: <20040217200214.A42B020520@wolfe.bbn.com>
References: <16434.27900.199285.136682@fireball.acr.fi><20040217200214.A42B020520@wolfe.bbn.com>
Sender: owner-ipsec@lists.tislabs.com

Charles Lynn writes:
> >	2) Say how OPAQUE is encoded (start = max, end = min ???)
> 
> > in point 2, I think it should be start = min, end = max, not other
> > way around
> 
> start = min, end = max is the encoding for ANY.  OPAQUE and ANY are
> not the same.  OPAQUE means the value of a field cannot be determined,
> either because the protocol does not have it, or it is hidden by
> encryption or fragmentation.

From the responder side of view, what is the actual implemenation
difference between OPAQUE and ANY? I think they will be processed
identically in the implementations. There are semantic differences in
some cases, but I do not think that any implementations actually need
to know the difference on the packet processing level, thus I think we
should simply have one format of expressing that instead of having
special case for OPAQUE.

The IKEv2 draft does not make difference between any and opaque, and I
think that is fine. 
-- 
kivinen@safenet-inc.com

References:
- Some IKEv2 issues
  - From: Tero Kivinen <kivinen@iki.fi>
- Re: Some IKEv2 issues
  - From: Charles Lynn <clynn@bbn.com>

Prev by Date: SAs that carry fragments Was: Re: Some IKEv2 issues
Next by Date: Re: IANA assignment policies
Previous by thread: Question about EAP and CFG
Next by thread: SAs that carry fragments Was: Re: Some IKEv2 issues
Index(es):
- Date
- Thread