Re: [Ipsec] Discrepency RFC4301 and RFC4305

Stephen Kent <kent@bbn.com> Mon, 09 January 2006 15:56 UTC

Date: Mon, 09 Jan 2006 10:45:57 -0500
To: Vishwas Manral <Vishwas@sinett.com>
From: Stephen Kent <kent@bbn.com>
Subject: Re: [Ipsec] Discrepency RFC4301 and RFC4305
Cc: IPsec <ipsec@ietf.org>, russ housley <housley@vigilsec.com>

At 8:04 PM -0800 1/8/06, Vishwas Manral wrote:
>Hi,
>
>I had brought out the issue more than a year back that:
>
>RFC4301 states
>             - confidentiality-only (MAY be supported)
>             - integrity only (MUST be supported)
>             - confidentiality and integrity (MUST be supported)
>
>However RFC4305 states that NULL authentication support is a MUST.
>
>I had brought out the issue with the draft which became RFC4305. 
>Stephen Kent had supported the change and stated
>"since we changed the requirements for encryption-only support in 
>this round of document revisions, I think a SHOULD here is correct."
>http://130.230.52.14/list-archive/ipsec/msg05576.html
>
>however Donald Eastlake had stated
>@@@ I think draft-ietf-ipsec-esp-v3-09 should be changed.
>http://130.230.52.14/list-archive/ipsec/msg05578.html
>
>The issue never got resolved and we now have this discrepancy in the
>RFCs. Should I send an errata for RFC4305 regarding the same?
>
>Thanks,
>Vishwas

Whoops.  Sorry that this one fell through the cracks in the 
intervening year after you noted the discrepancy.

I still think a SHOULD is appropriate for ESP, given the changes in 
the architecture document. Since this is a significant change (from a 
MUST to a SHOULD), it cannot be an errata, as Paul noted. I'll ask 
Russ how he would like to handle this.

Steve