Re: [Hipsec] I-D Action: draft-ietf-hip-rfc6253-bis-00.txt

Samu Varjonen <samu.varjonen@helsinki.fi> Fri, 05 April 2013 07:17 UTC

Return-Path: <samu.varjonen@helsinki.fi>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 32DB921F96AE for <hipsec@ietfa.amsl.com>; Fri, 5 Apr 2013 00:17:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iWWUWts7c2TV for <hipsec@ietfa.amsl.com>; Fri, 5 Apr 2013 00:17:26 -0700 (PDT)
Received: from argo.otaverkko.fi (argo.ipv6.otaverkko.fi [IPv6:2a02:4880:10:1000::2:25]) by ietfa.amsl.com (Postfix) with ESMTP id 1531921F96B8 for <hipsec@ietf.org>; Fri, 5 Apr 2013 00:17:22 -0700 (PDT)
Received: from [192.168.0.10] (cs181123160.pp.htv.fi [82.181.123.160]) by argo.otaverkko.fi (Postfix) with ESMTPSA id 2B5712184C for <hipsec@ietf.org>; Fri, 5 Apr 2013 10:17:19 +0300 (EEST)
Message-ID: <515E7A75.6000003@helsinki.fi>
Date: Fri, 05 Apr 2013 10:17:09 +0300
From: Samu Varjonen <samu.varjonen@helsinki.fi>
User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:17.0) Gecko/20130307 Thunderbird/17.0.4
MIME-Version: 1.0
To: hipsec@ietf.org
References: <20130401183023.13191.54752.idtracker@ietfa.amsl.com> <515BE4B3.5070302@helsinki.fi> <515C2448.7010008@cs.hut.fi>
In-Reply-To: <515C2448.7010008@cs.hut.fi>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [Hipsec] I-D Action: draft-ietf-hip-rfc6253-bis-00.txt
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Apr 2013 07:17:27 -0000

3.4.2013 15:44, Miika Komu kirjoitti:
> Hi,
>
> should we fix the CERT parameters in RFC5201-bis to certain base
> exchange packets?
>

I would not fix the packets that may use the CERT parameter. In my 
opinion it is the extensions, such as the registration, own business in 
which packet they use the CERT parameter. Fixing the packets could also 
be trouble some for some future extensions. I would not fix the packets 
but rather I would give recommendations, like the one existing one that 
it may not be wise to put CERT parameters into I1.

> To integrate seamlessly with RFC5203-bis registration, R1-I2 is mostly
> likely a more ideal combination than R2-I2?
>
> On 04/03/2013 11:13 AM, Samu Varjonen wrote:
>> Hi all,
>>
>> I have some cycles that I can use to get this document forward. This is
>> the initial submission it does not differ from the RFC6253. What would
>> be the next steps for this document? Has anyone raised any
>> comments/questions that should be fixed before this can be taken
>> forward? To my knowledge there are none.
>>
>> BR,
>> Samu Varjonen
>>
>> On 01/04/13 21:30, internet-drafts@ietf.org wrote:
>>>
>>> A New Internet-Draft is available from the on-line Internet-Drafts
>>> directories.
>>>   This draft is a work item of the Host Identity Protocol Working
>>> Group of the IETF.
>>>
>>>     Title           : Host Identity Protocol Certificates
>>>     Author(s)       : Tobias Heer
>>>                            Samu Varjonen
>>>     Filename        : draft-ietf-hip-rfc6253-bis-00.txt
>>>     Pages           : 11
>>>     Date            : 2013-03-22
>>>
>>> Abstract:
>>>     The CERT parameter is a container for digital certificates.  It is
>>>     used for carrying these certificates in Host Identity Protocol (HIP)
>>>     control packets.  This document specifies the certificate parameter
>>>     and the error signaling in case of a failed verification.
>>>     Additionally, this document specifies the representations of Host
>>>     Identity Tags in X.509 version 3 (v3) and SPKI certificates.
>>>
>>>     The concrete use of certificates including how certificates are
>>>     obtained, requested, and which actions are taken upon successful or
>>>     failed verification are specific to the scenario in which the
>>>     certificates are used.  Hence, the definition of these scenario-
>>>     specific aspects are left to the documents that use the CERT
>>>     parameter.
>>>
>>>     This document updates RFC 5201.
>>>
>>>
>>> The IETF datatracker status page for this draft is:
>>> https://datatracker.ietf.org/doc/draft-ietf-hip-rfc6253-bis
>>>
>>> There's also a htmlized version available at:
>>> http://tools.ietf.org/html/draft-ietf-hip-rfc6253-bis-00
>>>
>>>
>>> Internet-Drafts are also available by anonymous FTP at:
>>> ftp://ftp.ietf.org/internet-drafts/
>>>
>>> _______________________________________________
>>> Hipsec mailing list
>>> Hipsec@ietf.org
>>> https://www.ietf.org/mailman/listinfo/hipsec
>>>
>>
>> _______________________________________________
>> Hipsec mailing list
>> Hipsec@ietf.org
>> https://www.ietf.org/mailman/listinfo/hipsec
>>
>
> _______________________________________________
> Hipsec mailing list
> Hipsec@ietf.org
> https://www.ietf.org/mailman/listinfo/hipsec