On Thu, 2 Apr 2015, Stephen Kent wrote:
Hi Steve,
As the primary author of 4301, and the creator of the PAD, I believe this
work
does update that section of 4301. I agree with Kathleen that this doc needs
to
say precisely what parts of 4301 are being updated, perhaps using a
before/after
approach.
Section 2.4 already describes our the changes to the PAD processing:
https://tools.ietf.org/html/draft-ietf-ipsecme-ikev2-null-auth-05#section-2.4
The original PAD text of 4301 is here:
https://tools.ietf.org/html/rfc4301#section-4.4.3.1
If our text is not suitable, could you perhaps explain what is missing,
or even better, suggest text that would address your concerns with the
current section?
The text currently suggests using a new BOOL to determine if a PAD entry
can use AUTH_NULL/ID_NULL. Would you prefer it rewritten as just another
type of ID that is only added to the PAD authentication types as specified
in 4301?
If our current text is adequate, we can just add the "updated 4301" to
the document.
Thanks,
Paul
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
