[Gen-art] Re: Gen-ART review of draft-ietf-v6ops-ipsec-tunnels-04.txt

Mohan Parthasarathy <mohanp@sbcglobal.net> Tue, 12 December 2006 23:02 UTC

Message-ID: <20061212225125.68694.qmail@web80613.mail.yahoo.com>
Date: Tue, 12 Dec 2006 14:51:25 -0800
From: Mohan Parthasarathy <mohanp@sbcglobal.net>
To: Black_David@emc.com, gen-art@ietf.org, rfg@acm.org, psavola@funet.fi, Hannes.Tschofenig@siemens.com
Cc: david.kessens@nokia.com, fred.baker@cisco.com, kurtis@kurtis.pp.se
Subject: [Gen-art] Re: Gen-ART review of draft-ietf-v6ops-ipsec-tunnels-04.txt

David,

Thanks for the review.  I am trying to understand the "interface"
related comments that you made.

>Section 5.2 discusses the consequences of whether the endpoint
>of an IPsec tunnel-mode SA is modeled as an IPv6 interface or
>not.  It should say that there is always an IPv6 interface at
>the endpoint of an IPv6-in-IPv4 tunnel, and the discussion of
>whether to model the SA as an interface is concerned with
>whether the functionality of an IPv6 interface is realized by
>the IPsec SA or outside of it.
>
In some implementations, e.g., Linux, to protect the traffic
using IPsec tunnel mode SA, traffic matching the selectors is
given to IPsec for protecting the traffic. IPsec is just another
software module that is neither visible as an interface nor in the routing
tables. By this it means that IPsec is not modeled as an interface at all.
If in addition to the above, IPsec creates an interface and is hence visible to routing
so that it can get packets matching the route pointing to the
interface rather than through "traffic selectors matching". By
this it means that IPsec is modeled as an interface.
These are the models that this document is talking about. So, how
can we say that there is always an interface? Could you clarify further?

-thanks
mohan


>It should also be stated that all uses of the word "interface"
>refer to an IPv6 interface, and that the phrase "tunnel interface"
>refers to an IPv6 interface at the endpoint of an IPv6-in-IPv4
>tunnel, independent of whether the tunnel is realized by IPsec
>tunnel mode.  The end of Section 1 would be a good place to
>do this.  The use of the phrase "IP interface" in Section A.1
>is considerably clearer than the use of "interface" without "IP"
>in Section 5.2 - using "IP interface" throughout Section 5.2
>(and for that matter the entire draft) would improve readability.


 



