Re: Specification of tunnel/transport attribute in IKEv2

Henry Spencer <henry@spsystems.net> Wed, 15 May 2002 14:50 UTC

Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g4FEoGL27160; Wed, 15 May 2002 07:50:16 -0700 (PDT)
Received: by lists.tislabs.com (8.9.1/8.9.1) id KAA04382 Wed, 15 May 2002 10:07:44 -0400 (EDT)
Date: Wed, 15 May 2002 10:20:14 -0400
From: Henry Spencer <henry@spsystems.net>
To: "Prof. Ahmed Bin Abbas Ahmed Ali Adas" <alaadas@kaau.edu.sa>
cc: ipsec@lists.tislabs.com
Subject: Re: Specification of tunnel/transport attribute in IKEv2
In-Reply-To: <001501c1fbe1$02a0f1c0$4d17fea9@amanda2>
Message-ID: <Pine.BSI.3.91.1020515101618.23570D-100000@spsystems.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk

On Wed, 15 May 2002, Prof. Ahmed Bin Abbas Ahmed Ali Adas wrote:
> In protocol architecture, the policy making should be totally isolated from
> the Key Agreement Protocols or Key Transport Protocols.

This is a reasonable principle, but it does not change what I said:
separating the two issues still leaves two issues to be dealt with.

The policy checking within IKE is important, and removing it from IKE does
not remove the requirement that it be dealt with somehow.  Esthetically
distasteful though it may be, dealing with it within IKE has been quite
successful and has met users' needs well.

                                                          Henry Spencer
                                                       henry@spsystems.net