
Re: CONSENSUS TEST: Fragmentation handling



At 5:19 PM -0400 4/6/04, Mark Duffy wrote:
>At 12:27 PM 4/6/2004 -0400, Theodore Ts'o wrote:
>>OK, do we have consensus on the following text?  (Taken from
>>Steve's message of March 22nd, with #2 changed to MAY and #3 changed
>>to SHOULD).
>>
>>Please respond by Friday....
>
>Hi Ted,
>
>I had raised several points on this that I believe Steve agreed to 
>and no one else commented on:
>
>a) For modes #1 and #2, the document should mention that the same 
>behavior must apply for drop and bypass rules.  (I think Steve 
>wanted to put it in another section.)

right.

>b) For mode #3 the text should be extended to state that if the #3 
>behavior has been negotiated, the receiver MUST NOT accept 
>non-initial fragments without verifying that they comply with the 
>security policy called for for the overall packet.

right again.

>c) Port selector ANY should include OPAQUE as well as all specific 
>values.  I.e. an opaque port number in a packet should match a 
>policy that has the value ANY.

I said that in my message to Ted, clarifying #1.

>
>Beyond that, I would much rather make both #2 and #3 be MAY and MAY. 
>(Rather than MAY and SHOULD.)

See my response to Francis on why we have a SHOULD and a MAY.

Steve