[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New traffic Selectors in RFC2401bis

To: "Mohan Parthasarathy" <mohanp@xxxxxxxxxxxxx>
Subject: Re: New traffic Selectors in RFC2401bis
From: Stephen Kent <kent@xxxxxxx>
Date: Mon, 17 Nov 2003 09:19:08 -0500
Cc: <ipsec@xxxxxxxxxxxxxxxxx>
In-reply-to: <>
References: <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

At 18:43 -0800 11/16/03, Mohan Parthasarathy wrote:

Hello,

RFC2401bis defines ICMP type and code as selector. AFAIK, this itself can be
negotiated
only using IKEv2 traffic selector and one cannot use IKEv1 ID payload. If
this is correct,
is it worth clarifying in the document ? I can see that the IKE reference
has been removed
currently. I assume that both IKE versions will be referenced in the future
revision. In that
case it might be worth clarifying the issue i guess. Not sure what else is
IKEv2 specific.

thanks
mohan

Mohan,

In general, 2401bis is closely aligned with features of IKEv2. The new structure of SPD entries allows one SA to represent several, distinct S/D address pairs or port ranges, etc. This too cannot be negotiated with IKE v1. In general, 2401bis represents an updating of 2401 that also assumes use of IKE v2 vs. v1.

Steve

Follow-Ups:
- Re: New traffic Selectors in RFC2401bis
  - From: Mohan Parthasarathy

References:
- New traffic Selectors in RFC2401bis
  - From: Mohan Parthasarathy

Prev by Date: 77% 0FF V I @ G .R. A. rn t
Next by Date: Re: PMTU discovery for tunnels: issues 78, 49, 81
Previous by thread: New traffic Selectors in RFC2401bis
Next by thread: Re: New traffic Selectors in RFC2401bis
Index(es):
- Date
- Thread