[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ipsec] Two IKEv2 issues from the IESG

To: housley@vigilsec.com
Subject: Re: [Ipsec] Two IKEv2 issues from the IESG
From: Paul Koning <pkoning@equallogic.com>
Date: Thu, 2 Sep 2004 13:10:18 -0400
Cc: ipsec@ietf.org, margaret@thingmagic.com, mcr@sandelman.ottawa.on.ca, narten@us.ibm.com
List-help: <mailto:ipsec-request@ietf.org?subject=help>
List-id: IP Security <ipsec.ietf.org>
List-post: <mailto:ipsec@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>,<mailto:ipsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>,<mailto:ipsec-request@ietf.org?subject=unsubscribe>
References: <6.1.1.1.2.20040902090413.05449ec0@mail.binhost.com><29377.1094137368@marajade.sandelman.ottawa.on.ca><6.1.1.1.2.20040902123439.05543dc8@mail.binhost.com>
Sender: ipsec-bounces@ietf.org

>>>>> "Russ" == Russ Housley <housley@vigilsec.com> writes:

 Russ> Michael: I suggest the addition of the following text:
 >>
 Russ> "All IKEv2 implementations MUST be able to receive and process
 Russ> packets that are up to 1280 bytes long, and they SHOULD be able
 Russ> to receive and process packets that are up to 3000 bytes long."
 >> (Sorry to be pedantic here, but I think it is important)
 >> 
 >> I think that the word "packet" is wrong here.
 >> 
 >> I think that you mean "datagram" -- seeing as a 3000 byte datagram
 >> would exceed common MTU, it must have been fragmented into
 >> multiple frames to have been received.
 >> 
 >> The above (corrected) statement also implies to me that an IKEv2
 >> and host must be prepared to re-assemble at least 3000 bytes bytes
 >> worth of fragment.

 Russ> I see your point.  If we take this approach, then we need to
 Russ> remove the IP header and UDP header sizes from the
 Russ> mandatory-to-support size.

If we weren't so afraid of internationalbureaucratspeak, we could just
say "APDUs" which would be clear and unambiguous.

    paul


_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec

References:
- [Ipsec] Two IKEv2 issues from the IESG
  - From: Russ Housley <housley@vigilsec.com>
- Re: [Ipsec] Two IKEv2 issues from the IESG
  - From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
- Re: [Ipsec] Two IKEv2 issues from the IESG
  - From: Russ Housley <housley@vigilsec.com>

Prev by Date: Re: [Pki4ipsec] Re: [Ipsec] big IKE packets
Previous by thread: Re: [Ipsec] Two IKEv2 issues from the IESG
Next by thread: Re: [Ipsec] Two IKEv2 issues from the IESG
Index(es):
- Date
- Thread