[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ipsec] a new draft

To: "Fan Zhao" <fanzhao@ucdavis.edu>
Subject: Re: [Ipsec] a new draft
From: Stephen Kent <kent@bbn.com>
Date: Fri, 30 Jul 2004 16:34:20 -0400
Cc: ipsec@ietf.org
In-reply-to: <200407282148.i6SLmZXw010672@diometes.ucdavis.edu>
List-help: <mailto:ipsec-request@ietf.org?subject=help>
List-id: IP Security <ipsec.ietf.org>
List-post: <mailto:ipsec@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>,<mailto:ipsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>,<mailto:ipsec-request@ietf.org?subject=unsubscribe>
References: <200407282148.i6SLmZXw010672@diometes.ucdavis.edu>
Sender: ipsec-bounces@ietf.org

I quickly reviewed your I-D. It seems to require that the IPsec specs 
change to accommodate tracking multiple sequence number spaces per 
SA, at receivers, as well as requiring senders on a multi-sender SA 
to generate the RNGm securely transit it to the receiver, etc. The 
IPsec WG previously rejected the notion of supporting per-sender 
sequence number windows at a receiver, when the MSEC folks suggested 
the same sort of approach. Unless directed by the WG chairs, I will 
not plan to make any changes to the current specs in support of these 
features.

Steve

_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec

References:
- Re: [Ipsec] a new draft
  - From: "Fan Zhao" <fanzhao@ucdavis.edu>

Prev by Date: [Ipsec] Algorithm numbers mismatch between IPsec and IKE forAES-XCBC-MAC-96
Previous by thread: Re: [Ipsec] a new draft
Next by thread: [Ipsec] Seeking IPsec input on PMTUD draft
Index(es):
- Date
- Thread