I'm ok with removing the sentence. Scott Moonen (smoo...@us.ibm.com) z/OS Communications Server TCP/IP Development http://www.linkedin.com/in/smoonen
From: Paul Hoffman <paul.hoff...@vpnc.org> To: Tero Kivinen <kivi...@iki.fi>, ipsec@ietf.org Date: 12/10/2009 03:00 PM Subject: Re: [IPsec] #125: inconsistency in the section 2.9 Does anyone have an opinion on Tero's suggestion to remove the sentence? --Paul Hoffman At 3:29 PM +0200 12/1/09, Tero Kivinen wrote: >The section 2.9 has text which says: >---------------------------------------------------------------------- >2.9. Traffic Selector Negotiation > > ... Since the two endpoints may be configured by different > people, the incompatibility may persist for an extended period even > in the absence of errors. It also allows for intentionally different > configurations, as when one end is configured to tunnel all addresses > and depends on the other end to have the up-to-date list. > > ... > > ... This case > will occur only when the initiator and responder are configured > differently from one another. If the initiator and responder agree > on the granularity of tunnels, the initiator will never request a > tunnel wider than the responder will accept. Such misconfigurations > should be recorded in error logs. >---------------------------------------------------------------------- > >So the first part says that traffic selectors may be different on >initiator's and responder's policy and that such a configuration may >be intentional. > >Then the second part calls such configuration misconfigurations and >require such events to be logged. > >This is bit inconsistent, and I think the second part should be >modified so that the last sentence is removed, or rephrased. >-- >kivi...@iki.fi >_______________________________________________ >IPsec mailing list >IPsec@ietf.org >https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
