Hi Dan
I have no opinion about the level of review needed for changes to IKEv1, and I
share your unhappiness with the way PAKE turned out.
If I had to guess the reasons for the slow adoption of IKEv2, I would guess
that it's because IKEv1 (with XAuth/hybrid, Config, odd-numbered messages, and
Yoav == Yoav Nir y...@checkpoint.com writes:
Yoav If I had to guess the reasons for the slow adoption of IKEv2,
Yoav I would guess that it's because IKEv1 (with XAuth/hybrid,
Yoav Config, odd-numbered messages, and poor PSK support for mobile
Yoav peers) just works. The big
On Mar 28, 2012, at 2:12 PM, Michael Richardson wrote:
Yoav == Yoav Nir y...@checkpoint.com writes:
Yoav If I had to guess the reasons for the slow adoption of IKEv2,
Yoav I would guess that it's because IKEv1 (with XAuth/hybrid,
Yoav Config, odd-numbered messages, and poor PSK
Dan Harkins writes:
We can't always get what we want and we should be reasonable in
understanding that. If we could wave a magic wand and grant your wish
that would be good; we can't. And given the limits to our power we
have to accept that what will happen is people will continue to use
Dan Harkins writes:
That's a really good point. Had it been Specification Required all
along XAUTH might've gotten an official code point. And who knows maybe
one of the j-random proposals might be just that. But IKEv1 really is
pretty done. At this point I'm pretty sure that j would be
I think IETF Review would be good compromise for this as it would
make it easier than Standard Track RFC, but would satisfy those who
do not want to have it as lower as Specification Required is...
Summarizing my views:
- Specification Required is an unacceptably low bar for this sort of