[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IKEv2 allocation policies, etc.

To: Paul Hoffman / VPNC <paul.hoffman@xxxxxxxx>
Subject: Re: IKEv2 allocation policies, etc.
From: Michael Richardson <mcr@xxxxxxxxxxxxxxxxxxxxxx>
Date: Sat, 31 Jan 2004 15:28:11 -0500
Cc: ipsec@xxxxxxxxxxxxxxxxx
In-reply-to: Your message of "Sat, 31 Jan 2004 10:26:05 PST." <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "VPNC" == VPNC  <Paul> writes:
    >> I don't think that that IETF has a lot of experience with expert
    >> review yet.

    VPNC> Fully disagree. It's working fine in many areas. (Full disclosure:
    VPNC> I'm now the "expert" on charsets (!))

  Okay, that's great. I'm aware of every policy out there.

    >> And, while the expert may ask to see a specification, (not necessary
    >> though), the specification may be proprietary, require NDA,
    >> specific-national security clearance, etc.

    VPNC> At which point they will not get their IANA registration.

  I thought that this was one of the *features* of Expert review.
The expert can assign values, even if the specifications are secret.

    >> So, expert review does not, in my opinion, mean that we get any
    >> specifications to look at. It just avoids silly stuff.

    VPNC> That isn't how it has worked in other parts of the IETF. For
    VPNC> instance, the IESG might require that the expert have a review
    VPNC> team, so all proposals are seen by many sets of eyes. (This is the
    VPNC> case for charsets, which are often more intricate and obscure than
    VPNC> IKE parameters.)

  Hmm. So, it sounds like expert review is now harder to pass now than
IESG Consensus. My understanding of 2434 was that it was supposed to be much
easier than that. We had originally discussed expert review in the context of
cleaning up the registries for ikev1. 

  I defer to your experience.

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr@xxxxxxxxxxxxx      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQBwP14qHRg3pndX9AQEw2gP9HLFiJXW2CeqxRJwm63wmgyMhnosjsxmP
bpXP7p6efy9IyzT2alllR8tKQdbyj2dhtRFxA3rzgTaVJsoal7qDvuNSuVUCgY3g
gvMw2d/DtbTqSREdxsCgXiQP1GnVA7upJPcS4kZH9OL9T9gOU9u1n/4ygsivwWjR
bK6iQDj/JQo=
=jTPL
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: IKEv2 allocation policies, etc.
  - From: Paul Hoffman / VPNC

References:
- Re: IKEv2 allocation policies, etc.
  - From: Paul Hoffman / VPNC

Prev by Date: Re: IKEv2 allocation policies, etc.
Next by Date: Re: IKEv2 allocation policies, etc.
Previous by thread: Re: IKEv2 allocation policies, etc.
Next by thread: Re: IKEv2 allocation policies, etc.
Index(es):
- Date
- Thread