Re: visibility of identifier in shim6 payload packet
In your previous mail you wrote:

   My understanding of the potential problem is as follows:
   - there are multiple ways to implement IPsec: BITW, BITS, and native

=> note these multiple ways are supposed to provide the same service.

   - BITS and BITW operate below the IP layer. If these types of IPsec
   implementations talk to each other, there should be no problem if the
   SPD/SAD is defined on the basis of the locators.

=> the choice of the relative positions of IPsec and SHIM6 sublayers
was done and *must* not rely on implementation details (including
native or not native).

   For the native-to-non-native case, this seems to me to be related to the
   IKE NAT traversal problem (RFC3947).

=> BTW the word NAT is authorized in an IPv6 list only with strong
negative terms (:-).

To summarize, you are following the wrong way: RFC 4301 introduces some ways
to provide the same services, not different services.
Regards
Francis.Dupont@point6.net