Hi Zhang Dong,
ZhangDong wrote:
#1.
The incentive of the draft is to provide an alternate way to negotiate
ESP SA, it will be helpful if more merits of this new approach can be
discussed, especially compared with IKEv2.
[Dong] Ok, I will consider it and add this part in the following version.
What you are suggesting is an opportunistic approach. If CERTS are not
used, how do you plan to solve the initial leap of faith? If CERTS are
used, what is the advantage in using your approach?
#2.
I noticed that IKE and IKEv2 were used alternately in the draft, and
some sentences like "CGA-SA MAY be used in all the scenarios where IKE is
available. The usage scenarios of IKE are stated in [RFC4306]." are
confusing. It will be good if you clarify which one you are talking
about or both.
[Dong] Yes, this problem will be revised.
In case of IKEv2, it would be good to replace links to RFC2401 with RFC4301.
Regarding RFC4301 and SPs, I fail to understand why you omitted the
traffic selector payload from the negotiation? How will the traffic
selector negotiation be done?
Ana
_______________________________________________
CGA-EXT mailing list
https://www.ietf.org/mailman/listinfo/cga-ext