[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IKE V2 Open Issues

To: ipsec@xxxxxxxxxxxxxxxxx
Subject: Re: IKE V2 Open Issues
From: Uri Blumenthal <uri@xxxxxxxxxxxxx>
Date: Thu, 10 Apr 2003 15:38:14 -0400
Organization: Lucent Tehcnologies / Bell Labs
References: <> <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.2) Gecko/20030208 Netscape/7.02

Derek Atkins wrote:

5) Lack of definition of the COOKIE_REQUIRED notify payload.
Charlie's suggestion to delete the COOKIE_REQUIRED payload and simply
to use the COOKIE payload is simple, and non-controversial.


Actually, I (and at least two others who have voiced opinions on the
topic) prefer Radia's suggestion of putting the cookie into the
COOKIE_REQUIRED notify payload and sending that.  So Bob would send a
N(COOKIE_REQUIRED{cookie}) message to Alice, and Alice would add
N(COOKIE{cookie}) to message-3.  I think this is clearer than
Charlie's suggestion of just using N(COOKIE{cookie}) in both
directions.


Yes, your way it's clearer. However Charlie's way is simpler,
and one less payload type to worry about...

I'll be happy with either choice - but lean towards N(COOKIE{cookie})...

Follow-Ups:
- Re: IKE V2 Open Issues
  - From: Derek Atkins

References:
- IKE V2 Open Issues
  - From: Theodore Ts'o
- Re: IKE V2 Open Issues
  - From: Derek Atkins

Prev by Date: Last Call: Using AES Counter Mode With IPsec ESP to Proposed Standard
Next by Date: Re: IKE V2 Open Issues
Previous by thread: Re: IKE V2 Open Issues
Next by thread: Re: IKE V2 Open Issues
Index(es):
- Date
- Thread