[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Ipsec] Two IKEv2 issues from the IESG
>>>>> "Russ" == Russ Housley <housley@vigilsec.com> writes:
Russ> Michael: I suggest the addition of the following text:
>>
Russ> "All IKEv2 implementations MUST be able to receive and process
Russ> packets that are up to 1280 bytes long, and they SHOULD be able
Russ> to receive and process packets that are up to 3000 bytes long."
>> (Sorry to be pedantic here, but I think it is important)
>>
>> I think that the word "packet" is wrong here.
>>
>> I think that you mean "datagram" -- seeing as a 3000 byte datagram
>> would exceed common MTU, it must have been fragmented into
>> multiple frames to have been received.
>>
>> The above (corrected) statement also implies to me that an IKEv2
>> and host must be prepared to re-assemble at least 3000 bytes bytes
>> worth of fragment.
Russ> I see your point. If we take this approach, then we need to
Russ> remove the IP header and UDP header sizes from the
Russ> mandatory-to-support size.
If we weren't so afraid of internationalbureaucratspeak, we could just
say "APDUs" which would be clear and unambiguous.
paul
_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec