Re: [I2nsf] [IPsec] [Last-Call] New Version Notification for draft-ietf-i2nsf-sdn-ipsec-flow-protection-11.txt

Yoav Nir <ynir.ietf@gmail.com> Sat, 31 October 2020 18:28 UTC

From: Yoav Nir <ynir.ietf@gmail.com>
In-Reply-To: <5F9D62C0.5030908@btconnect.com>
Date: Sat, 31 Oct 2020 20:28:13 +0200
Cc: Tero Kivinen <kivinen@iki.fi>, Roman Danyliw <rdd@cert.org>, "ipsec@ietf.org" <ipsec@ietf.org>, "i2nsf@ietf.org" <i2nsf@ietf.org>, Gabriel Lopez <gabilm@um.es>, Fernando Pereniguez-Garcia <fernando.pereniguez@cud.upct.es>, "last-call@ietf.org" <last-call@ietf.org>, Rafa Marin-Lopez <rafa@um.es>
To: tom petch <daedulus@btconnect.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/EY09Q1LT7_R0zYYVaYGw0ncEZek>


> On 31 Oct 2020, at 15:12, tom petch <daedulus@btconnect.com> wrote:
> 
> On 30/10/2020 22:42, Tero Kivinen wrote:
>> Roman Danyliw writes:
>>>>>> It seems to me that the IANA entries for IKEv2 are incomplete.
>>>>>> RFC8247 does a fine job of specifying algorithms and adding
>>>>>> information such as status (MUST/SHOULD+), IoT, AEAD and so on,
>>>>>> information which is not present on IANA.  The policy for, e.g.
>>>>>> Transform Type 1, is expert review and entries have been added via
>>>>>> draft-smyslov-esp-gont but the IANA entries lack this information
>>>>>> and, looking at the I-D, I see no such information (nor is there any
>>>>>> reason for it to be there).  Yet draft-ietf-i2nsf-sdn... needs
>>>>>> this information as references in the YANG module show.
>> 
>> I am lost what information is missing from the IANA registry.
> 
> 
> Tero
> 
> Thanks for getting back to me.  What is missing from the IANA registry is the guidance as to the status of the algorithm, how highly it is recommended or not.  This I-D tells people to go to RFC8247 and the IANA Registry for advice; RFC8247 gives that advice; the IANA web page does not.

It’s possible to add a column in the IANA registry, but it is not possible to capture the information from 8247 in such a table. 

RFC 8247 has “MAY” and “SHOULD+” labels, but it also has comments and a bunch of explanation, such as that some algorithm is a SHOULD for IoT, but not otherwise. I think it’s better to point people at the RFC where the information is, rather than post very partial information in an IANA table.

Yoav