I'm reviewing RFC 4869 and it seems to under-specify the attributes that
are needed to achieve real interoperability: it doesn't specify whether to
do a phase 2 Diffie-Hellman exchange for perfect forward secrecy, nor does
it specify IKEv1 lifetime and lifesize values. So I am left having to
guess at what are appropriate values to use for these attributes. And
once I do choose particular values for PFS and lifesize, is it still
correct for me to use the RFC's suite names in reference to them?
Scott Moonen ([email protected])
z/OS Communications Server TCP/IP Development
http://scott.andstuff.org/
http://www.linkedin.com/in/smoonen
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
