On 1/12/20 10:35 PM, Benjamin Kaduk wrote:
On Fri, Jan 10, 2020 at 12:01:39AM -0800, Dan Harkins wrote:
On 12/23/19 10:46 AM, Benjamin Kaduk wrote:
Since we're in pedantic process mode...
[snip]
Perhaps something like "IKEv1 is no longer relevant for Internet
systems" would work, though I suspect we could even get away without such
an intro sentence and just dive in straight with "Systems running IKEv1
should be upgraded and reconfigured to run IKEv2.
See that's the thing. There is nothing compelling to force the change
away
from "no longer relevant" so people still use it. If there was something
compelling to make people want to change we wouldn't be forced to do this,
sigh, die die die nonsense. Perhaps, "we're the IETF and we are really
serious now". That should dispel all doubt in whoever happens to read this
RFC. That way we won't need a die die die die or a die die die die die die.
I'm only aboue 95% sure I'm parsing you properly -- you're saying that if
there was a clear reason to move from IKEv1 to IKEv2 the market would have
done it already and we wouldn't be bothering with a doc like this? That
is, that what we're really doing is akin to "we're the IETF and we
pinky-swear that we're not going to touch this anymore" as opposed to "here
is a list of the ways that using IKEv1 is going to bite you"?
Yes, that's what I'm saying. From discussing this over the past few
meetings
it seems the motivation for this is because people are still getting
pressure
in their companies to work on IKEv1 or support IKEv1 or whatever and
people want
it to go away. But they're losing that argument at work so they want a
document
with the imprimatur of the IETF that they can wave at the PLM person (or
whoever)
and say, "SEE! IT'S DEAD! Finished. No more. Over. The IETF has spoken!"
So my "we're the IETF and we're serious this time" was sarcastic (and
that comes
out poorly in email, hence the parsing difficulty) because I don't think
this is
what the RFC process is for.
IKEv1 is done, it's over, it's dead. It's been like that for more
than a decade.
We already made a statement that we won't touch IKEv1 anymore and we
made that
statement fifteen years ago. And we're still doing "die die die" stuff
that's now
been refashioned into a "graveyard" effort in order to address the sensitive
sensibilities of the new IETF, but it's still the same thing. It's
trying add an
underscore and an exclamation point to a statement that was already
made. Because
we're really serious this time-- it's in the graveyard!
Dan.
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
