Dan Harkins writes: > There is a new draft available that some of you may be interested > in looking at. Please send your comments to the list.
I see no point of just updating one registry in the isakmp-registry (http://www.iana.org/assignments/isakmp-registry) and ipsec-registry (http://www.iana.org/assignments/ipsec-registry). Especially when we are talking about the protocol that was obsoleted in 2005. I myself would pick "Obsoleted registry, no more allocations allowed" for all of the IKEv1 registries. Unfortunately I am sure there are too many people objecting to that change, so I do not see it very likely. Anyways, if something is done to the IKEv1 registries, they should be cleaned up completely, i.e. someone would need to go through all the registries, check out if the relevant document actually mentions anything about the registration procedures or not, and update the IANA registries accordingly. For the most registries (including the "IPSEC Authentication Methods (Value 3)") the RFC2409 says "values 6-65000 are reserved to IANA." without giving out any hint which kind of registration procedure is needed. For some things like adding new attribute classes it does say that "Standard-Track RFC", for some others like Encryption Algorithms it says "reference to a standards-track or Informational RFC or a reference to published cryptographic literature which describes this algorithm." which would most likely mean "Specification Required". As you point out in your draft there are several allocations without any stable reference, and I would suggest we remove those. If there is no specification how to implement it, there is no way anybody can make interoperable implementations out of them either. Going through the IKEv1 IANA registries has been on my todo list of some time, but as this protocol has already been obsoleted for more than 5 years, and the registries are very old, I have just assumed there is no hurry... -- [email protected] _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
