Hello all, I myself do not like the current method for detecting that a peer has lost state (generally this means waiting for a number of retransmits, whom each of which has a time out). In my opinion this would be a good item for the WG to work on and would enhance IKEv2. I would like to review the draft. If time permits, I would be interested to contribute text, but I cannot say that for sure right now.
Regards, Matt 2009/12/2 Raj Singh <rsjen...@gmail.com> > Hi Team, > > According to me, we need to support this draft as WG item as it appears to > enhance the failure detection time. > Currently, there are many scenarios, in which we detect and delete stale SA > only by max. re-transmits. > I would like to review this draft. > > Regards, > Raj > > 2009/11/29 Yaron Sheffer <yar...@checkpoint.com> > >> This work item proposes an IKEv2 extension to allow an IKE peer to quickly >> and securely detect that its opposite peer has lost state. This is claimed >> to be quicker than the current method, which is based on time outs. >> >> Proposed starting point: >> http://tools.ietf.org/id/draft-nir-ike-qcd-05.txt or >> http://tools.ietf.org/html/draft-detienne-ikev2-recovery-03. >> >> Please reply to the list: >> >> - If this proposal is accepted as a WG work item, are you committing to >> review multiple versions of the draft? >> - Are you willing to contribute text to the draft? >> - Would you like to co-author it? >> >> Please also reply to the list if: >> >> - You believe this is NOT a reasonable activity for the WG to spend time >> on. >> >> If this is the case, please explain your position. Do not explore the fine >> technical details (which will change anyway, once the WG gets hold of the >> draft); instead explain why this is uninteresting for the WG or for the >> industry at large. Also, please mark the title clearly (e.g. "DES40-export >> in IPsec - NO!"). >> _______________________________________________ >> IPsec mailing list >> IPsec@ietf.org >> https://www.ietf.org/mailman/listinfo/ipsec >> > > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec > >
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
