[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Ipsec] Is AH + ESP required or needed in IKEv2

To: Tero Kivinen <kivinen@iki.fi>
Subject: RE: [Ipsec] Is AH + ESP required or needed in IKEv2
From: Stephen Kent <kent@bbn.com>
Date: Mon, 30 Aug 2004 08:05:07 -0400
Cc: ipsec@ietf.org, kseo@bbn.com
In-reply-to: <16685.43250.837575.68438@fireball.kivinen.iki.fi>
List-help: <mailto:ipsec-request@ietf.org?subject=help>
List-id: IP Security <ipsec.ietf.org>
List-post: <mailto:ipsec@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>,<mailto:ipsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>,<mailto:ipsec-request@ietf.org?subject=unsubscribe>
References: <F5F4EC6358916448A81370AF56F211A503AB211B@RED-MSG-51.redmond.corp.microsoft.com> <16685.43250.837575.68438@fireball.kivinen.iki.fi>
Sender: ipsec-bounces@ietf.org

Title: RE: [Ipsec] Is AH + ESP required or needed in IKEv2

Tero,

Sorry for the confusion. The intent in 2401bis was to simplify, and thus to remove the special case of creating two SAs based on one SPD entry. We missed the text in 4.4.1 that still accommodated the AH+ESP case. We will remove it. This also avoids the confusion of whether both SAs are tunnel or transport mode when we had one SPD entry that called for negotiating a pair of SAs, but only one indication of modality, as you noted.

Steve

_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec

References:
- RE: [Ipsec] Is AH + ESP required or needed in IKEv2
  - From: "Charlie Kaufman" <charliek@microsoft.com>
- RE: [Ipsec] Is AH + ESP required or needed in IKEv2
  - From: Tero Kivinen <kivinen@iki.fi>

Prev by Date: [Ipsec] unknown
Next by Date: Re: [Ipsec] Some (hopefully final) comments to thedraft-ietf-ipsec-ikev2-15.txt
Previous by thread: RE: [Ipsec] Is AH + ESP required or needed in IKEv2
Next by thread: [Ipsec] unknown
Index(es):
- Date
- Thread