Re: [Mip6] WG Last call: draft-ietf-mip6-ikev2-ipsec-06.txt

Francis Dupont <Francis.Dupont@point6.net> Fri, 28 April 2006 20:29 UTC

Message-Id: <200604282028.k3SKStus017550@givry.rennes.enst-bretagne.fr>
From: Francis Dupont <Francis.Dupont@point6.net>
To: "Soliman, Hesham" <hsoliman@qualcomm.com>
Subject: Re: [Mip6] WG Last call: draft-ietf-mip6-ikev2-ipsec-06.txt
In-reply-to: Your message of Wed, 26 Apr 2006 08:58:32 PDT. <1487A357FD2ED544B8AD29E528FF9DF00247DC98@NAEX06.na.qualcomm.com>
Date: Fri, 28 Apr 2006 22:28:55 +0200
Cc: Gopal Dommety <gdommety@cisco.com>, mip6@ietf.org, jari.arkko@ericsson.com, Basavaraj Patil <basavaraj.patil@nokia.com>

 In your previous mail you wrote:

    > I don't like the transport all mode for architectural reasons.
   
   => Ok. Can you please elaborate?

=> I consider the HAO as a degenerated tunnel so you have double
tunneling (one tunnel for IPsec, one for MIPv6) when obviously only
one is needed.

   I know you never liked it
   but I don't know what the architectural reasons are.

=> double tunneling.

   I think
   it's a more "correct" use of IPsec to not use tunnel mode
   between two end nodes.

=> but is the right end the HA or the CN (:-)?

   IMO tunnel mode only needs to be used
   when an intermediate node is terminating/initiating IPsec. 
   
=> this is the case here: the intermediate node is the HA.
   
Regards
   
Francis.Dupont@point6.net
