Re: [anonsec] Dan's comments (Re: Connection Latching draft review (draft-ietf-btns-connection-latching-04.txt))

Stephen Kent <kent@bbn.com> Mon, 14 January 2008 21:24 UTC

Date: Mon, 14 Jan 2008 16:18:03 -0500
To: Nicolas Williams <Nicolas.Williams@sun.com>
From: Stephen Kent <kent@bbn.com>
Cc: anonsec@postel.org, Black_David@emc.com, Daniel McDonald <Dan.McDonald@sun.com>

Nico & Dan,

The SPD has always been a persistent database. The newly added PAD 
also is persistent. It's the SAD that is transient, i.e., need not 
have any entries unless SAs have been created, and those entries 
vanish when the SAs they represent vanish. The notion of dynamic 
modification of the SPD is a relatively new concept, not part of the 
original design, but not ruled out by it. Also note that the 
de-correlated SPD model introduced in 4301 works very well for a 
persistent database, but could be costly to maintain if the SPD is 
frequently updated.

Steve has indicated that he is tired of reviewing BTNS documents that 
often are hard to read and that too often are revised with only 
slight improvement. The BTNS problem statement is the most recent 
example, where comments from two years ago were not acted upon.

Steve
