[anonsec] Dan's comments (Re: Connection Latching draft review (draft-ietf-btns-connection-latching-04.txt))

Stephen Kent kent at bbn.com
Mon Jan 14 13:57:29 PST 2008


At 3:42 PM -0600 1/14/08, Nicolas Williams wrote:
>On Mon, Jan 14, 2008 at 04:18:03PM -0500, Stephen Kent wrote:
>>  Nico & Dan,
>>
>>  the SPD has always been a persistent database. the newly added PAD
>>  also is persistent. It's the SAD that is transient, i.e., need not
>
>Had I gotten this wrong?  No.  Dan may not be totally up to speed with
>RFC4301 terminology, but I wouldn't dismiss what he has to say on
>account of that.

since, as I said, the SPD has ALWAYS been defined as persistent, this 
misunderstanding is not attributable to a lack of familiarity with 
4301.

>>  have any entries unless SAs have been created, and those entries
>>  vanish when the SAs they represent vanish. The notion of dynamic
>>  modification of the SPD is a relatively new concept, not part of the
>>  original design, but not ruled out by it. Also note that the
>>  de-correlated SPD model introduced in 4301 works very well for a
>>  persistent database, but could be costly to maintain if the SPD is
>>  frequently updated.
>
>Are you asking that the connection latching I-D address how to perform
>dynamic updates of a de-correlated SPD?

no. I was just noting the most recent (2 years old) text supporting 
the fact that the SPD was not nominally viewed as dynamic.

Steve

