[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SPD Syntax Example

To: Andrew Krywaniuk <ak_ipsec@xxxxxxxx>
Subject: Re: SPD Syntax Example
From: Stephen Kent <kent@xxxxxxx>
Date: Mon, 26 Jan 2004 09:22:06 -0500
Cc: ipsec@xxxxxxxxxxxxxxxxx
In-reply-to: <>
References: <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

Andrew,

We've had this discussion before, and I'd rather not revisit it. If peers do not negotiate the selectors for an SA, interoperability problems arise. We have experience with this happening today, because IKE v1 did not do as well as IKE v2 in this regard. For example, in IKE v2 the initiator sends the packet header info for the packet that triggers SA creation, to allow the responder more flexibility in finding a suitable SPD entry when peers have overlapping but not identical SPD entries.

Steve

References:
- Re: SPD Syntax Example
  - From: Andrew Krywaniuk

Prev by Date: Re: SPD Syntax Example
Next by Date: Re: SPD Syntax Example
Previous by thread: Re: SPD Syntax Example
Next by thread: Re: SPD Syntax Example
Index(es):
- Date
- Thread