[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Ipsec] FW: Remaining issues for IKEv2
At 7:56 AM -0700 5/19/04, Paul Hoffman / VPNC wrote:
>At 10:58 AM +0300 5/19/04, Tero Kivinen wrote:
>>One wierd thing it thas 4.4.1.1 says support for OPAQUE is MUST.
>
>Then that *needs* to be corrected in the next version of the draft.
Support for the selector type in the SPD is trivial, and if we
mandate support for OPAQUE now, then we're set for later elevation of
one of these options to SHOULD from MAY, for example.
>
>>So I assume that your vote would be on both on being MAY?
>
>Correct.
>
>>My preferred way would be #3 being SHOULD and #2 being MAY.
>
>That makes some sense too; it's just more adventurous than I would
>be with this protocol without a lot more support from other vendors.
I agree with Tero that #3 as SHOULD is appropriate. My only concern
re #3, as Ted noted earlier, is that it imposes an unacceptable
burden on high speed implementations. Thus, if #3 is SHOULD, then I
think it would be legitimate for such implementations to not support
it (consistent with the interpretation of SHOULD). I would like
these implementations to support #2 in that case. A statement that an
implementation SHOULD support either #2 or #3 might be one way of
expressing this notion.
Steve
_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec