Let's say we added a new transport. Just to make a concrete example, let's say someone defined an IPsec-based transport. It seems to me that the RFC that defined the new transport would also specify a configuration option for the config XML to say that the ring required use of IPsec. Now a node forming a new link would know that it needed to use that link layer protocol. I'm not seeing how the attach to the bootstrap node is different from any other attach in this regard. I don't care one way or the other how it gets done, it's just not clear to me yet what is needed. Totally agree we have to understand how this works. I'm just not clear yet on what people want.

On Mar 9, 2010, at 12:24 PM, David A. Bryan wrote:

> Unless I am missing something, it is needed to specify what protocol
> is used to contact the bootstrap peer. Again, how can one otherwise
> know how to contact the bootstrap peer if and using what protocol if
> the overlay isn't using (D)TLS? If that is specified somewhere else in
> the XML, you don't need it here, but I don't see a mechanism about the
> security protocol being used specified anywhere else.
>
> David (as individual)
>
> On Tue, Mar 9, 2010 at 2:20 PM, Cullen Jennings <[email protected]> wrote:
> >
> > So I was sort of hoping to get reasons why the flag was needed (or not).
> >
> > On Mar 9, 2010, at 7:00 AM, Ari Keranen wrote:
> >
> >> I would support an explicit flag.
> >>
> >> Also, since a single bootstrap node is likely to support multiple options,
> >> it could make sense to have something like:
> >>
> >> <bootstrap-node address="192.0.0.1">
> >>   <port proto="TLS">5678</port>
> >>   <port proto="DTLS">6789</port>
> >> </bootstrap-node>
> >>
> >> or
> >>
> >> <bootstrap-node>
> >>   <address>192.0.0.1</address>
> >>   <port proto="TLS">5678</port>
> >>   <port proto="DTLS">6789</port>
> >> </bootstrap-node>
> >>
> >> The latter is a bit more verbose, but more consistent with the rest of the
> >> schema preferring XML values over attributes.
> >>
> >>
> >> Cheers,
> >> Ari
> >>
> >> David A. Bryan wrote:
> >>> Yep, I agree, that's kind of my thought as well, so for my part, I'd
> >>> rather see the flag and make it a bit more explicit.
> >>>
> >>> David (as individual)
> >>> Sent from my mobile device
> >>>
> >>> -----Original Message-----
> >>> From: Eric Rescorla <[email protected]>
> >>> Date: Sun, 7 Mar 2010 11:42:22
> >>> To: [email protected]<[email protected]>
> >>> Cc: Cullen Jennings, Ph.D.<[email protected]>;
> >>> [email protected]<[email protected]>; Jouni
> >>> Mäenpää<[email protected]>;
> >>> [email protected]<[email protected]>
> >>> Subject: Re: [P2PSIP] RELOAD overlay configuration document
> >>>
> >>> On Mar 7, 2010, at 11:30, "David A. Bryan" <[email protected]>
> >>> wrote:
> >>>> Would we add text indicating that different ports somehow imply
> >>>> different transport/security mechanism
> >>>
> >>> If you mean use the port to indicate separate security mechanism without
> >>> an explicit indicator in the config file, I don't see what that adds.
> >>>
> >>> Ekr
> >>> _______________________________________________
> >>> P2PSIP mailing list
> >>> [email protected]
> >>> https://www.ietf.org/mailman/listinfo/p2psip
> >>
> >
> >
> > Cullen Jennings
> > For corporate legal information go to:
> > http://www.cisco.com/web/about/doing_business/legal/cri/index.html
> >
> >
> >
> > _______________________________________________
> > P2PSIP mailing list
> > [email protected]
> > https://www.ietf.org/mailman/listinfo/p2psip
> >

Cullen Jennings
For corporate legal information go to:
http://www.cisco.com/web/about/doing_business/legal/cri/index.html

_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip
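
The explicit per-port protocol indicator discussed in this thread, as an added example that is not code from any participant or from the RELOAD specification: it parses both `<bootstrap-node>` layouts proposed above and rejects any port that lacks an explicit `proto`, rather than inferring the security protocol from the port number. The function names, the wrapping `<configuration>` element, the second address and the unlabelled port 7000 are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample using both layouts proposed in the thread (not the final schema).
SAMPLE = """<configuration>
  <bootstrap-node address="192.0.0.1">
    <port proto="TLS">5678</port>
    <port proto="DTLS">6789</port>
  </bootstrap-node>
  <bootstrap-node>
    <address>192.0.0.2</address>
    <port proto="DTLS">6789</port>
    <port>7000</port>
  </bootstrap-node>
</configuration>"""

KNOWN_PROTOS = {"TLS", "DTLS"}  # assumption: the transports this client implements

def parse_bootstrap_nodes(xml_text):
    """Return (endpoints, rejected); endpoints are (address, proto, port) tuples."""
    endpoints, rejected = [], []
    for node in ET.fromstring(xml_text).iter("bootstrap-node"):
        # Address may be an attribute (first layout) or a child element (second).
        address = node.get("address") or (node.findtext("address") or "").strip()
        for port in node.findall("port"):
            proto = port.get("proto")
            text = (port.text or "").strip()
            valid_port = text.isdecimal() and 0 < int(text) < 65536
            # Fail closed: never guess the security protocol from the port number.
            if address and proto in KNOWN_PROTOS and valid_port:
                endpoints.append((address, proto, int(text)))
            else:
                rejected.append((address, proto, text))
    return endpoints, rejected

def pick_endpoint(endpoints, preference=("TLS", "DTLS")):
    """Choose the first endpoint that matches the client's preference order."""
    for proto in preference:
        for endpoint in endpoints:
            if endpoint[1] == proto:
                return endpoint
    return None

if __name__ == "__main__":
    eps, bad = parse_bootstrap_nodes(SAMPLE)
    print("usable:", eps)
    print("rejected (no explicit proto):", bad)
    print("DTLS-only client picks:", pick_endpoint(eps, ("DTLS",)))
```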
