WG Last call: draft-ietf-ipsec-isakmp-gss-auth-05.txt

Sheela Rowles <srowles@cisco.com> Fri, 31 March 2000 02:51 UTC

From: Sheela Rowles <srowles@cisco.com>
Message-Id: <200003310157.RAA26908@sigma.cisco.com>
Subject: WG Last call: draft-ietf-ipsec-isakmp-gss-auth-05.txt
To: ddp@network-alchemy.com, briansw@microsoft.com
Date: Thu, 30 Mar 2000 17:57:44 -0800
Cc: tytso@valinux.com, srowles@cisco.com, ipsec@lists.tislabs.com

Derrell and Brian (Swander),

My understanding is that the isakmp-gss draft is an informational draft,
that basically documents one vendor's implementation (Microsoft).
As it turns out, we are also implementing the draft (we = Cisco),
and so wondered if this should be considered as a future RFC rather
than an informational draft. Is there anyone else out there
who plans to implement this?

In any case, since this is an informational draft (documenting
Microsoft's work in this area), the draft needs to be modified
to reflect some differences between the draft and Microsoft's
current implementation:

1. The draft currently mentions that exchanging an attribute
in the first exchange 'may' be done, but as far as I can
tell, there is no easy way to interoperate with MS unless
this is done. It seems this should be a 'must'.

2. Currently MS has implemented this attribute as a wide character
string, so the spec should specify that.  My understanding is that
MS will be adding the one-byte character strings but this is not
true in the current WIN2K release.

3. Finally, the vendor ID doesn't match. MS currently has the
vendorid implemented as "GSSAPI" while the spec has a different
vendor id specified.

thanks.
Sheela