IETF Logo Mail Archive

Re: [IPsec] #117: Hash and URL interop

Tero Kivinen <kivinen@iki.fi> Wed, 25 November 2009 13:52 UTC

Return-Path: <kivinen@iki.fi>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C846E3A67A8 for <ipsec@core3.amsl.com>; Wed, 25 Nov 2009 05:52:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.582
X-Spam-Level:
X-Spam-Status: No, score=-2.582 tagged_above=-999 required=5 tests=[AWL=0.017, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c-bHRYrNWlgM for <ipsec@core3.amsl.com>; Wed, 25 Nov 2009 05:52:28 -0800 (PST)
Received: from mail.kivinen.iki.fi (fireball.acr.fi [83.145.195.1]) by core3.amsl.com (Postfix) with ESMTP id A91E03A63EB for <ipsec@ietf.org>; Wed, 25 Nov 2009 05:52:27 -0800 (PST)
Received: from fireball.kivinen.iki.fi (localhost [127.0.0.1]) by mail.kivinen.iki.fi (8.14.3/8.14.3) with ESMTP id nAPDqIrI014445 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 25 Nov 2009 15:52:18 +0200 (EET)
Received: (from kivinen@localhost) by fireball.kivinen.iki.fi (8.14.3/8.12.11) id nAPDqITK014367; Wed, 25 Nov 2009 15:52:18 +0200 (EET)
X-Authentication-Warning: fireball.kivinen.iki.fi: kivinen set sender to kivinen@iki.fi using -f
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <19213.13970.105797.850084@fireball.kivinen.iki.fi>
Date: Wed, 25 Nov 2009 15:52:18 +0200
From: Tero Kivinen <kivinen@iki.fi>
To: Yoav Nir <ynir@checkpoint.com>
In-Reply-To: <EA6311DE-97C3-4633-AAD2-C6C82946D162@checkpoint.com>
References: <7F9A6D26EB51614FBF9F81C0DA4CFEC801BDA1213EA9@il-ex01.ad.checkpoint.com> <7F9A6D26EB51614FBF9F81C0DA4CFEC801BDF88DFFE1@il-ex01.ad.checkpoint.com> <p06240863c731d54f3a70@[10.20.30.158]> <EA6311DE-97C3-4633-AAD2-C6C82946D162@checkpoint.com>
X-Mailer: VM 7.19 under Emacs 21.4.1
X-Edit-Time: 4 min
X-Total-Time: 4 min
Cc: IPsecme WG <ipsec@ietf.org>, Paul Hoffman <paul.hoffman@vpnc.org>
Subject: Re: [IPsec] #117: Hash and URL interop
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Nov 2009 13:52:28 -0000

Yoav Nir writes:
> Even things that seem obvious like https and ftp require a lot of
> considerations, like how to verify the certificate in https, or what
> identity to present in ftp. 
> 
> If someone wants to specify additional URL methods, they can specify
> then in an I-D.

Yes, and but if the current documents says MUST NOT for them, then
they can have problems talking to the current implementations.

On the other hand nobody has yet answered to my earlier question what
they plan to say in the draft. Original text said "allow only http
URL", and I said MUST NOT would not be ok for me.

Paul said:

> > I agree with only listing HTTP.

which does not tell what he means with that. Do he mean that we only
list http (currently we do that, we say MUST for http urls and do not
list any other url methods). 

So I would really like to see the exact wording before I can say
anything else. Or at least better explination what is meant. 
-- 
kivinen@iki.fi

v2.23.0 | Report a Bug | By Email