Re: Issue 171: IKEv2 over TCP
From: Yoshihiro Ohba (yohbatari.toshiba.com)
Date: Thu, 11 Sep 2003 23:14:48 -0500 (CDT)

I also found that "SHOULD" was replaced with "MAY".  I like this
replacement as well as the replacement of IKEv2 reference to PIC,
because I think lower-layer retransmission conflicts with silent
discarding of invalid messages in EAP (as I pointed out recently).

Yoshihiro Ohba


On Thu, Sep 11, 2003 at 04:33:46PM -0700, Bernard Aboba wrote:
> Issue 171: IKEv2 over TCP
> Submitter name: Bernard Aboba
> Submitter email address: aboba [at] internaut.com
> Date first submitted: 9/11/2003
> Reference:
> Document: EAP-05
> Comment type: T
> Priority: S
> Section: 2.2, 4.3
> Rationale/Explanation of issue:
> 
> IKEv2 runs over UDP, not TCP as implied in Section 2.2 and 4.3.
> 
> In Section 2.2, change:
> 
> "TCP [IKEv2]" to "TCP [PIC]".
> 
> In Section 4.3, change:
> 
> " When run over a reliable lower layer (e.g., EAP over ISAKMP/TCP, as
> within [IKEv2]), the authenticator retransmission timer SHOULD be set
> to an infinite value, so that retransmissions do not occur at the EAP
> layer. The peer may still maintain a timeout value so as to avoid
> waiting indefinitely for a Request."
> 
> To:
> 
> " When run over a reliable lower layer (e.g., EAP over ISAKMP/TCP, as
> within [PIC]), the authenticator retransmission timer MAY be set
> to an artificially high value, so that retransmissions do not occur
> at the EAP layer. The peer may still maintain a timeout value so
> as to avoid waiting indefinitely for a Request."
> 