[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Ciphersuites for IKEv2, revised
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Eric" == Eric Rescorla <ekr@xxxxxxxx> writes:
>> Maybe. But I think that having three different flavors of Suite-ID
>> (one for IKE, one for ESP, one for AH) will be just as confusing to
>> typical users.
Eric> Well, there are three different flavors of suite, regardless of how
Eric> the ID space is partitioned. I'm just saying that the two
Eric> structures should match.
>> What you are asking for would cause us to have to change the proposal
>> structure given in section 5.3.1 to split out "area of coverage" from
>> the Suite-ID.
Eric> I want three tables and three separate sections.
So, we have to have three different proposal structures, which are
identical, except that they negotiate the same things for the different uses?
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@xxxxxxxxxxxxxxxxxxxxxx http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys
-----END PGP SIGNATURE-----