[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ipsp-config-policy-model Questions
>>>>> "Eric" == Eric Vyncke <evyncke@xxxxxxxxx> writes:
Eric> At 13:08 18/07/2001 -0700, Michael Baer wrote:
>>
>> In a given set of SATransforms within a negotiated SA Action,
>> there could be as many as 3 different values for
>> maxLifetimeSeconds and maxLifetimeKilobytes (one set from each
>> of a AHTransform, ESPTransform, and IPcomp Transform) for an
>> SA. I would assume that the minimum of the 3 value from each of
>> these would be the value to use, but this should probably be
>> explicitly stated somewhere in the model (maybe in the
>> SATransform class or the IPsecProposal class?).
Eric> AFAIK, there will be 3 SA pairs: 1 SA pair for ESP, 1 SA
Eric> pair for AH and 1 SA pair for IPcomp. Each of those SA will
Eric> get its own MaxLifetimeSeconds property inherited from
Eric> SATransform.
I just made the Homer Simpson 'Doh' sound.
>> In the SAStaticAction Class a similar problem exists. Including
>> the value from SAStaticAction, the value from the sub-class
>> PreconfiguredSAAction and the values from possibly 3 different
>> SATransform objects, 4 different values of maxLifetimeSeconds
>> and maxLifetimeKilobytes can exist for an SA. Should the
>> PreconfiguredSAAction's object lifetime values override the
>> SATransforms lifetime values or should the minimum of the 4
>> possible values be used? or possibly a different method? I see
>> advantages to either method above, but one should probably be
>> stated in the model.
Eric> See above
Thanks for your response. I see how I wasn't thinking straight about
the 3 possible SA'S in a negotiated action above (sigh), but I still
don't understand the maxLifetime values in a preconfiguredSAACtion. If
the Action has maxLifetime values and each SA Transform has
maxLifetime values, which value is used for a given SA? (the
SATransform's, the preconfiguredSAACtion's, or the minimum of the
two.)
--
Michael Baer
baerm@xxxxxxxxxxxxxxx
NAI Labs