
Re: TOS copying considered harmful



Joe,

Stephen Kent wrote:
 >
 > Joe,
 >
 > I agree with Henry here.  We have security issues that influence
 > whether, when, and how we copy data between the red and black IP
 > headers, in tunnel mode. 2003 is not attuned to the issues, nor
 > should it be.
 >
 > In the rewrite of 2401, we will try to do a much better job of
 > describing these mappings, and the rationale behind each.  We didn't
 > get all of them right last time and will try to do better this time
 > around.

Would it not be preferable to get those issues in to 2003bis, in one
place?
(they _are_ security considerations).

(I'm not proposing to omit the changes, just to roll them, and their
protocol implications, into 2003bis)

The security issues surrounding mapping of header fields are relevant only if one is encrypting the tunneled packet, so I don't understand why 2003bis would want to include this info. Could you clarify?

thanks,

Steve