Re: Important question about draft-ietf-ipsec-doi-tc-mib-07.txt

["Randy Presuhn" <randy_presuhn@mindspring.com>]

Hi -

> From: "C. M. Heard" <heard@pobox.com>
> To: "Mreview (E-mail)" <mreview@ops.ietf.org>
> Sent: Monday, April 07, 2003 4:47 PM
> Subject: Re: Important question about draft-ietf-ipsec-doi-tc-mib-07.txt
...
> The semantic ambiguity in this case is inherent in the data that
> they are trying to represent, which are the values of certain fields
> in the IPsec-related protocols.  Those fields have some ranges of
> values reserved for registered values and other ranges reserved "for
> private use between concenting parties".
>
> What the Randy's and Andy's comments are saying -- if I understand
> them correctly -- is that enumerated INTEGERs are not the right way
> to represent such data, not because of some technical violation of
> RFC 2578, but because such usage violates the semantics that are
> commonly expected of enumerated INTEGERs.  I tend to agree with
> that, and have suggested to the MIB author that a subranged
> Unsigned32 would be a more appropriate choice.
...

I get the feeling that the registry policy descriptions aren't as clearly
separated from the TC semantics as they should be.  For example,
part of the IkeExchangeType range is spelled out in the TC definition,
but the meanings of another part of that range is "private use" , and
of another part of the range "for the IPsec DOI used by IKE."   The former
is actually small enough that it would be reasonable to document
each as "privateUseN (N)".  The latter can be read either as a description
of registry policy, or as the definition of a bunch of values that can only
be interpreted in "the IPsec DOI used by IKE" context, which would suggest
that one would need an additional object or other information to make sense
of an object defined using this TC.

Randy