[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Ipsec] Fwd: I-D ACTION:draft-nir-ikev2-auth-lt-02.txt

To: "Bora Akyol \(bora\)" <bora@xxxxxxxxx>
Subject: RE: [Ipsec] Fwd: I-D ACTION:draft-nir-ikev2-auth-lt-02.txt
From: Tero Kivinen <kivinen@xxxxxx>
Date: Wed, 11 May 2005 13:40:04 +0300
Cc: ipsec@xxxxxxxx, Yoav Nir <ynir@xxxxxxxxxxxxxx>, Pasi.Eronen@xxxxxxxxx, "Geoff Huang \(ghuang\)" <ghuang@xxxxxxxxx>
In-reply-to: <>
List-help: <mailto:ipsec-request@ietf.org?subject=help>
List-id: IP Security <ipsec.ietf.org>
List-post: <mailto:ipsec@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
References: <>
Sender: owner-ietf-ipsec@xxxxxxxxxxxxx

Bora Akyol \(bora\) writes:
> This is all nice and sound in theory, but in practice we know that the
> encrypting gateways rarely talk to the end application and neither does
> the vpn software running on the end host.

The whole world is not a VPNs. There is end to end IPsec things. 

> So I suggest the KISS principle as being appropriate here.

I agree, and the easiest is not to have any timers or so, simply a
notify from server saying "Reauthenticate now". That way
implementations can implement any logic they want to, even the time
based one...
-- 
kivinen@xxxxxxxxxxxxxxx

_______________________________________________
Ipsec mailing list
Ipsec@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ipsec

Follow-Ups:
- RE: [Ipsec] Fwd: I-D ACTION:draft-nir-ikev2-auth-lt-02.txt
  - From: Paul Hoffman

References:
- RE: [Ipsec] Fwd: I-D ACTION:draft-nir-ikev2-auth-lt-02.txt
  - From: Bora Akyol \(bora\)

Prev by Date: Re: [Ipsec] Clarifications open issue: INTERNAL_IP4_SUBNET/NETMASK
Next by Date: Re: [Ipsec] Small comments to rfc2401bis-06.txt
Previous by thread: RE: [Ipsec] Fwd: I-D ACTION:draft-nir-ikev2-auth-lt-02.txt
Next by thread: RE: [Ipsec] Fwd: I-D ACTION:draft-nir-ikev2-auth-lt-02.txt
Index(es):
- Date
- Thread