[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Ciphersuites for IKEv2, revised

To: Paul Hoffman / VPNC <paul.hoffman@xxxxxxxx>
Subject: Re: Ciphersuites for IKEv2, revised
From: Eric Rescorla <ekr@xxxxxxxx>
Date: 30 Jan 2003 12:25:52 -0800
Cc: ipsec@xxxxxxxxxxxxxxxxx
In-reply-to: <>
References: <> <> <>
Reply-to: EKR <ekr@xxxxxxxx>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx
User-agent: Gnus/5.0808 (Gnus v5.8.8) XEmacs/21.1 (Cuyahoga Valley)

Paul Hoffman / VPNC <paul.hoffman@xxxxxxxx> writes:

> At 10:38 AM -0800 1/30/03, Eric Rescorla wrote:
> >So, you're saying that the cipher suites for IKE
> >encryption share the same namespace with those for
> >ESP/AH?
> 
> Correct. There is only one class of Suite-ID specified in the IKEv2 -04 draft.
> 
> >That seems kind of confusing.
> 
> Maybe. But I think that having three different flavors of Suite-ID
> (one for IKE, one for ESP, one for AH) will be just as confusing to
> typical users.
Well, there are three different flavors of suite, regardless
of how the ID space is partitioned. I'm just saying that
the two structures should match.

> What you are asking for would cause us to have to change the proposal
> structure given in section 5.3.1 to split out "area of coverage" from
> the Suite-ID.
I want three tables and three separate sections.

> Is that really worth it?
I think so. 

-Ekr

Follow-Ups:
- Re: Ciphersuites for IKEv2, revised
  - From: Michael Richardson

References:
- Ciphersuites for IKEv2, revised
  - From: Paul Hoffman / VPNC
- Re: Ciphersuites for IKEv2, revised
  - From: Eric Rescorla
- Re: Ciphersuites for IKEv2, revised
  - From: Paul Hoffman / VPNC

Prev by Date: Re: Ciphersuites for IKEv2, revised
Next by Date: Re: Ciphersuites for IKEv2, revised
Previous by thread: Re: Ciphersuites for IKEv2, revised
Next by thread: Re: Ciphersuites for IKEv2, revised
Index(es):
- Date
- Thread