Re: [IPsec] draft-kivinen-ipsecme-esp-null-heuristics comments

[Yaron Sheffer <yaronf at checkpoint.com>]

Hi Gabriel,

Since we are still in the midst of technical discussion, I am perfectly willing to wait a few more days and then directly ask Tero and Dan, as well as other supporters of the heuristics approach, for their opinion in the matter. I believe this would be more fruitful than interpreting the wording of their draft. In the meantime, I'd like to focus on this technical discussion and ensure that we've explored as many issues as we can.

Thanks,
        Yaron

> -----Original Message-----
> From: gabriel montenegro [mailto:g_e_montenegro at yahoo.com]
> Sent: Saturday, February 07, 2009 1:53
> To: Paul Hoffman; Yaron Sheffer; Dragan Grebovich; Yoav Nir;
> ipsec at ietf.org
> Subject: Re: [IPsec] draft-kivinen-ipsecme-esp-null-heuristics comments
>
> Thanks for the clarification. If I could ask for further clarification
> here: is there much support
> for the claim that heuristics is sufficient for ALL scenarios now and in
> the future
> (approach #2 as noted by the chairs below)?
>
> The reason I ask is that Tero/Dan themselves don't seem to espouse this
> view.
> At least that is what their draft says in the introduction:
>
>    To make sure that any solution does not break in the
>    future it would be best if such heuristics are documented, i.e. we
>    need to publish an RFC for what to do now even when there might be a
>    new protocol coming in the future that will solve the same problem
>    better.
> This talks about co-existence of heuristics with another approach
> (presumably deterministic),
> which is the approach #1 as noted by the chairs below.
>
> I agree with approach #1, of course, so was glad to see that in Tero's
> draft, but
> would like to be corrected if somehow I'm misreading the above text.
>
> thanks,
>
> Gabriel
>
>
>
> ----- Original Message ----
> > From: Paul Hoffman <paul.hoffman at vpnc.org>
> > To: Yaron Sheffer <yaronf at checkpoint.com>; gabriel montenegro
> <g_e_montenegro at yahoo.com>; Dragan Grebovich <dragan at nortel.com>; Yoav Nir
> <ynir at checkpoint.com>; "ipsec at ietf.org" <ipsec at ietf.org>
> > Sent: Thursday, February 5, 2009 5:00:20 AM
> > Subject: Re: [IPsec] draft-kivinen-ipsecme-esp-null-heuristics comments
> >
> > At 9:52 AM +0200 2/5/09, Yaron Sheffer wrote:
> > >Hi Gabriel,
> > >
> > >This thread is precisely the discussion that Paul mentions.
> > >
> > >The two alternatives I see on the table right now (Paul might have
> different
> > opinions) are:
> > >
> > >-          Publish a modified/wrapped ESP as Standards Track, and
> heuristics as
> > an extra Informational.
> > >-          Decide that heuristics are a sufficient solution for the
> problem,
> > and publish it as the only ipsecme work item related to this charter
> item.
> > >
> > >Paul and I would like to see more discussion and hopefully WG consensus
> being
> > formed, now that we have a real heuristics I-D for everyone to analyze.
> >
> > I fully agree with Yaron on all counts. If the WG thinks that heuristics
> is
> > sufficient, we should not publish a protocol change. If the WG doesn't
> think
> > heuristics are sufficient, the authors can publish it as an individual
> > submission or an independent submission.
> >
> > --Paul Hoffman, Director
> > --VPN Consortium
> > _______________________________________________
> > IPsec mailing list
> > IPsec at ietf.org
> > https://www.ietf.org/mailman/listinfo/ipsec
>
> Scanned by Check Point Total Security Gateway.
>
> Scanned by Check Point Total Security Gateway.

Email secured by Check Point