Dan Harkins writes: > I'm a bit undecided on Tero's proposal. I tend to get in trouble when > I ascribe motivation to things people do so I won't do that, but as > someone who actually implements the protocols we design here I think > having n protocols, where n > 1, to solve a single problem with no clear > "winner" means that for interoperability reasons I have to implement > all n and that's a shame. Since Tero actually implements these protocols > too I think he might share that concern.
Yes. I will most likely need to implement all of the protocols, and as I am programmer, I am by defination lazy. And as I am lazy that means I want to make my job as easy as possible. Currently all 4 methods use different methods to negotiate which method is used, uses different payload format, uses different exchange types, and uses different ways for calculating the AUTH payloads. There are some fundamental differences in the protocols, for example the way they calculate the AUTH payloads, which we cannot solve with common code, but the agreement which method to use, exchange types, payload formats etc are something which share lots of stuff and I do not want to write the same stuff 4 times, I want to write it once, so I want to make them same... > It might be possible to get the authors of the competing drafts to > rely on a common method of identifying the intent of the initiator > (currently PACE uses a Notify and SPSK uses the mandatory bit) and That was my step 1. > ensure that their protocols all look the same-- send a blob, get a blob, > send another blob, get another blob-- As far as I can read the drafts they already all do the that in the same way. > and to mix results from PAKE exchange into results of the D-H > exchange in a uniform manner And this is something all of them most likely will do differently, so I have no high hopes of having one way to do that, so most likely this code needs to be written 4 times... > and we might get the equivalent of what he's proposing without Yet > Another Pluggable Architecture (which I guess we both agree would be > not-so-good). And as I said I do not want to have generic pluggable architecture, I want to have methods sharing as much common code as possible. > Now the drafts are in LC. Maybe a few comments could get the authors > to align their drafts so they look architecturally identical while > implementing different exchanges. Yes, altough I think it is easier if the common stuff is in separate document, and all others refer to that, as it makes keeping different versions in sync easier. It would be completely ok for me if all drafts just incorporated the changes to their drafts, as it would make my life even easier as then I do not need to write that draft describing the common stuff (did I mention I am lazy :-), but making sure they are aligned exactly may make things bit hard. Also implementors could not be sure that all of them are really aligned, because they do not refer to common text, meaning implementor need to check all of the documents and make sure they are aligned before they can implement them. -- kivi...@iki.fi _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
