[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Issue #83: Generation of ICMP responses for inbound packet requiring IPSEC protection

To: "'Tero Kivinen'" <kivinen@iki.fi>, "'Stephen Kent'" <kent@bbn.com>
Subject: RE: Issue #83: Generation of ICMP responses for inbound packet requiring IPSEC protection
From: "Bora Akyol" <bora@cisco.com>
Date: Thu, 19 Feb 2004 08:56:38 -0800
Cc: "'Theodore Ts'o'" <tytso@mit.edu>, <ipsec@lists.tislabs.com>
Importance: Normal
In-reply-to: <16434.24291.254422.111128@fireball.acr.fi>
Sender: owner-ipsec@lists.tislabs.com

If such an ICMP message is added, then the rate limiting
feature for this message must be a MUST requirement
and should not be left to the administrator.

One can not expect people that do not update virus definitions
to configure IPSEC related ICMP message rates.

Regards,

Bora

References:
- Re: Issue #83: Generation of ICMP responses for inbound packetrequiring IPSEC protection
  - From: Tero Kivinen <kivinen@iki.fi>

Prev by Date: Re: SAs that carry fragments Was: Re: Some IKEv2 issues
Next by Date: Re: SAs that carry fragments Was: Re: Some IKEv2 issues
Previous by thread: Re: Issue #83: Generation of ICMP responses for inbound packetrequiring IPSEC protection
Next by thread: Re: Issue #83: Generation of ICMP responses for inbound packet requiring IPSEC protection
Index(es):
- Date
- Thread