[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Final editing changes to IKEv2



On Wed, Mar 17, 2004 at 01:14:15PM -0000, Michael Roe wrote:
> I agree with this change. But Charlie's original message also asked
> for clarification of how the mobility header type is encoded.
> I think we should adopt Charlie's suggestion for encoding the mobility
> header type as well (note that it isn't obvious, so interoperability
> problems are likely if it isn't described)

Currently IKEv2 specifies that for ESP and AH, SA's always exist in
pairs.  So there's a higher level issue which is whether or not
unidirectional traffic selectors should be supported in the first
place.

I'll note that Charlie Lynn's suggestion (setting the responder's
traffic selectors to Opaque) doesn't seem to make sense since whether
or not the selectors should be unidrectional or not is orthoganal to
what the responder's ip port/address range would be.  

In any case, adding support for a unidrectional traffic selector would
appear to be adding new feature to IKEv2, at a time when we're trying
come to closure on the specification.  Is this something that has to
be done in the base spec, or should we do this as a later extension to
IKEv2?

						- Ted