|
List Info Thread: I-D Submission: Extension of ICMP Security Failures Messages
[1]
|
||||||||||||
|
about | contact Other archives ( Real Estate discussion Medical topics ) |
||||||||||||
I-D Submission: Extension of ICMP Security Failures Messages |
|
List Info Thread: I-D Submission: Extension of ICMP Security Failures Messages
[1]
|
||||||||||||
|
about | contact Other archives ( Real Estate discussion Medical topics ) |
||||||||||||
alcatel-sbell.com.cn> writes:
CTO> Hi, dear all, I just submitted an I-D to this WG
of btns. Here's a
CTO> brief introduction of this I-D and the reason
why I choose this
CTO> group for this submission.
CTO> 1. This I-D is about icmp message extension for
IPSec failure
CTO> reporting. It is closely tied with the IPSec
protocol suite which is
CTO> used for trouble shooting when IPSec (both the
traditional IPSec
CTO> (authenticated SA) and the new one proposed by
this WG
CTO> (unauthenticated SA)) is deployed for secure
communications. With
I scanned your document quickly.
You'll need to tell us who is sending, and who is
receiving, and why
the receiver can expect to trust the information being
provided.
If the receiver can not trust that the ICMP is legitimate,
then you need to
tell us what behaviour the sender should take to verify that
the complaint is
legitimate, or what things it might do.
Assume that all ICMP messages can be forged.
_______________________________________________