[I2nsf] [IPsec] Fwd: I-D Action: draft-ietf-i2nsf-sdn-ipsec-flow-protection-05.txt

Tero Kivinen <kivinen@iki.fi> Mon, 22 July 2019 14:52 UTC

Return-Path: <kivinen@iki.fi>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id A4C22120286; Mon, 22 Jul 2019 07:52:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.419
X-Spam-Status: No, score=-3.419 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id jg6n0IX1mEap; Mon, 22 Jul 2019 07:52:42 -0700 (PDT)
Received: from mail.kivinen.iki.fi (fireball.acr.fi []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 05D6B1202C0; Mon, 22 Jul 2019 07:52:41 -0700 (PDT)
Received: from fireball.acr.fi (localhost []) by mail.kivinen.iki.fi (8.15.2/8.15.2) with ESMTPS id x6MEqZZm006928 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 22 Jul 2019 17:52:35 +0300 (EEST)
Received: (from kivinen@localhost) by fireball.acr.fi (8.15.2/8.14.8/Submit) id x6MEqXs2018687; Mon, 22 Jul 2019 17:52:33 +0300 (EEST)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <23861.52657.34874.178244@fireball.acr.fi>
Date: Mon, 22 Jul 2019 17:52:33 +0300
From: Tero Kivinen <kivinen@iki.fi>
To: Rafa Marin-Lopez <rafa@um.es>
Cc: i2nsf@ietf.org, "ipsec\@ietf.org WG" <ipsec@ietf.org>, <fernando.pereniguez@cud.upct.es>, Gabriel Lopez <gabilm@um.es>, mbj@tail-f.com
In-Reply-To: <4E36A715-3B6C-4BDF-A149-9E10574E3F96@um.es>
References: <156253524318.473.14686910090362577746@ietfa.amsl.com> <4E36A715-3B6C-4BDF-A149-9E10574E3F96@um.es>
X-Mailer: VM 8.2.0b under 25.1.1 (x86_64--netbsd)
X-Edit-Time: 4 min
X-Total-Time: 4 min
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/qCb3Wc3MhJQS167QiNOwtmEcAO0>
Subject: [I2nsf] [IPsec] Fwd: I-D Action: draft-ietf-i2nsf-sdn-ipsec-flow-protection-05.txt
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Jul 2019 14:52:48 -0000

Rafa Marin-Lopez writes:
> We submitted a new version of the I-D (v05) where we have applied several
> changes. In the following you have a summary of the main changes, which we
> will expand/explain during our presentation: 

I put that on my to-read queue. Cannot promise when I have time
to read it.

> - In order to specify the crypto-algorithms we have used a simple approach by
> including an integer and adding a text pointing the IANA in the reference
>  clause. For example:
> typedef encryption-algorithm-type {
>            type uint32;
>            description 
>                "The encryption algorithm is specified with a 32-bit

Is there specific reason why the size of the registry does not match
the yang definition? The IANA registry is 16-bit and the SA payloads
in the IKEv2 only have space for Tranform ID used to carry this
information over.

So why is this text using uint32 and 32-bit numbers. What happens if
someone puts number 0x00010000 there which cannot be transported over