[anonsec] Dan's comments (Re: Connection Latching draft review (draft-ietf-btns-connection-latching-04.txt))

Nicolas Williams Nicolas.Williams at sun.com
Mon Jan 14 13:42:46 PST 2008


On Mon, Jan 14, 2008 at 04:18:03PM -0500, Stephen Kent wrote:
> Nico & Dan,
> 
> The SPD has always been a persistent database. The newly added PAD 
> also is persistent. It's the SAD that is transient, i.e., need not 

Had I gotten this wrong?  No.  Dan may not be totally up to speed with
RFC4301 terminology, but I wouldn't dismiss what he has to say on
account of that.

> have any entries unless SAs have been created, and those entries 
> vanish when the SAs they represent vanish. The notion of dynamic 
> modification of the SPD is a relatively new concept, not part of the 
> original design, but not ruled out by it. Also note that the 
> de-correlated SPD model introduced in 4301 works very well for a 
> persistent database, but could be costly to maintain if the SPD is 
> frequently updated.

Are you asking that the connection latching I-D address how to perform
dynamic updates of a de-correlated SPD?
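The exchange above turns on a property of the RFC 4301 de-correlated SPD that is easy to state and hard to picture: an ordered SPD grows by one entry per rule, while a de-correlated SPD (RFC 4301, Appendix B) must carve every later, overlapping entry into pieces that avoid the new one, so a frequently updated SPD can become expensive to maintain. The model below is an added example, not code from this thread, from the connection-latching draft or from any IPsec implementation. It assumes the five RFC 4301 traffic selectors as inclusive integer ranges (addresses abstracted to 0..255), a constructed three-rule persistent policy, and a constructed per-connection 5-tuple entry of the kind a dynamically updated SPD would receive; all names are mine.

```python
"""Ordered vs. de-correlated RFC 4301 SPD: lookup semantics and update cost.

Constructed example.  Selector dimensions: (local addr, remote addr,
protocol, local port, remote port), each an inclusive integer range.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

Range = Tuple[int, int]      # inclusive (lo, hi)
Box = Tuple[Range, ...]      # one Range per selector dimension

ANY_ADDR, ANY_PROTO, ANY_PORT = (0, 255), (0, 255), (0, 65535)


@dataclass(frozen=True)
class SpdEntry:
    box: Box
    action: str  # "PROTECT", "BYPASS" or "DISCARD"


def intersect(a: Box, b: Box) -> Optional[Box]:
    """Overlap of two selector boxes, or None if they are disjoint."""
    out = []
    for (alo, ahi), (blo, bhi) in zip(a, b):
        lo, hi = max(alo, blo), min(ahi, bhi)
        if lo > hi:
            return None
        out.append((lo, hi))
    return tuple(out)


def subtract(box: Box, other: Box) -> List[Box]:
    """box minus other, as pairwise-disjoint boxes (at most 2 per dimension)."""
    inter = intersect(box, other)
    if inter is None:
        return [box]
    pieces: List[Box] = []
    rest = list(box)
    for d, ((lo, hi), (ilo, ihi)) in enumerate(zip(box, inter)):
        if lo < ilo:                      # slab below the overlap in dimension d
            piece = list(rest)
            piece[d] = (lo, ilo - 1)
            pieces.append(tuple(piece))
        if ihi < hi:                      # slab above the overlap in dimension d
            piece = list(rest)
            piece[d] = (ihi + 1, hi)
            pieces.append(tuple(piece))
        rest[d] = (ilo, ihi)              # narrow to the overlap, then next dimension
    return pieces


def decorrelate(ordered: List[SpdEntry]) -> List[SpdEntry]:
    """Appendix B style: entry i keeps only the region no earlier entry covers,
    so the result is non-overlapping and order no longer matters."""
    out: List[SpdEntry] = []
    for i, entry in enumerate(ordered):
        pieces = [entry.box]
        for earlier in ordered[:i]:
            pieces = [p for piece in pieces for p in subtract(piece, earlier.box)]
        out.extend(SpdEntry(p, entry.action) for p in pieces)
    return out


def contains(box: Box, pkt: Tuple[int, ...]) -> bool:
    return all(lo <= v <= hi for (lo, hi), v in zip(box, pkt))


def lookup_ordered(spd: List[SpdEntry], pkt: Tuple[int, ...]) -> str:
    """Ordered SPD: first match wins; no match means DISCARD (RFC 4301, 5.1)."""
    return next((e.action for e in spd if contains(e.box, pkt)), "DISCARD")


def lookup_decorrelated(spd: List[SpdEntry], pkt: Tuple[int, ...]) -> str:
    """De-correlated SPD: at most one entry may match; more is a policy bug."""
    hits = [e.action for e in spd if contains(e.box, pkt)]
    if len(hits) > 1:
        raise ValueError("SPD is not de-correlated: %d entries match" % len(hits))
    return hits[0] if hits else "DISCARD"


def is_decorrelated(spd: List[SpdEntry]) -> bool:
    return all(intersect(a.box, b.box) is None
               for i, a in enumerate(spd) for b in spd[i + 1:])


# Constructed persistent policy, ordered as an administrator would write it.
PERSISTENT_SPD = [
    SpdEntry((ANY_ADDR, ANY_ADDR, (17, 17), (500, 500), (500, 500)), "BYPASS"),  # IKE, UDP/500
    SpdEntry((ANY_ADDR, (10, 19), ANY_PROTO, ANY_PORT, ANY_PORT), "PROTECT"),    # peers 10..19
    SpdEntry((ANY_ADDR, ANY_ADDR, ANY_PROTO, ANY_PORT, ANY_PORT), "BYPASS"),     # everything else
]

# Constructed per-connection entry (TCP 1:40000 -> 15:443) inserted ahead of the rest,
# standing in for the kind of dynamic SPD update the thread is discussing.
LATCHED = SpdEntry(((1, 1), (15, 15), (6, 6), (40000, 40000), (443, 443)), "PROTECT")


def update_cost(ordered: List[SpdEntry], new: SpdEntry) -> Tuple[int, int, int, int]:
    """Entry counts: (ordered before, ordered after, de-correlated before, de-correlated after)."""
    updated = [new] + ordered
    return len(ordered), len(updated), len(decorrelate(ordered)), len(decorrelate(updated))


if __name__ == "__main__":
    print(update_cost(PERSISTENT_SPD, LATCHED))  # (3, 4, 19, 73)
```

Both lookups return the same action for every packet, which is the point of de-correlation: the SPD can be searched without regard to order. The cost shows up in maintenance. One five-selector entry prepended to a three-rule policy takes the ordered SPD from 3 to 4 entries, but the de-correlated SPD from 19 to 73, because each broader rule beneath it is split along every dimension where the new entry is narrower. Undoing the update (when the connection ends) means recomputing again; an implementation that latches many short-lived connections into the SPD would have to budget for that.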
