IETF Logo Mail Archive

Re: [IPsec] New Version Notification for draft-amjads-ipsecme-ikev2-data-channel-01.txt

"Amjad Inamdar (amjads)" <amjads@cisco.com> Wed, 30 April 2014 06:52 UTC

Return-Path: <amjads@cisco.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 11A1F1A6EE8 for <ipsec@ietfa.amsl.com>; Tue, 29 Apr 2014 23:52:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.152
X-Spam-Level:
X-Spam-Status: No, score=-15.152 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1JqvHnaRdlSj for <ipsec@ietfa.amsl.com>; Tue, 29 Apr 2014 23:52:28 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id E50731A6EE5 for <ipsec@ietf.org>; Tue, 29 Apr 2014 23:52:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4338; q=dns/txt; s=iport; t=1398840747; x=1400050347; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=VYlBsjWh5D4m/03/Rydmu0oPntMp4cfz4+IDY1Zx+Zo=; b=Cta1fsYsdpFjVmfrCNwchAgcjc8vArEJm8vBmrQ+329KYktFJxgWXK/7 GWhWEywCri6FRtk/Jdgi+TN3Qm/bZPVa27BG8sowcqm90OWNCCVEZr6an uPLZHamIZZQE0jZ7oZ+PJey0Jhia91tuX+dK9hFWpFdVimsrQH5VULPLC Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AlsGANucYFOtJA2M/2dsb2JhbABZgwZPUQa9N4c5gSQWdIIlAQEBBAEBATcrCQkOBAIBCBEEAQELFAkHJwsUCQgCBAESCAGIOAgFyhYXjgABAR4zBQaDHoEVBJpfkS6DMYFyOQ
X-IronPort-AV: E=Sophos;i="4.97,956,1389744000"; d="scan'208";a="321400129"
Received: from alln-core-7.cisco.com ([173.36.13.140]) by rcdn-iport-6.cisco.com with ESMTP; 30 Apr 2014 06:52:25 +0000
Received: from xhc-rcd-x07.cisco.com (xhc-rcd-x07.cisco.com [173.37.183.81]) by alln-core-7.cisco.com (8.14.5/8.14.5) with ESMTP id s3U6qPDg016148 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 30 Apr 2014 06:52:25 GMT
Received: from xmb-rcd-x10.cisco.com ([169.254.15.104]) by xhc-rcd-x07.cisco.com ([173.37.183.81]) with mapi id 14.03.0123.003; Wed, 30 Apr 2014 01:52:25 -0500
From: "Amjad Inamdar (amjads)" <amjads@cisco.com>
To: "Black, David" <david.black@emc.com>, "Rajeshwar Singh Jenwar (rsj)" <rsj@cisco.com>, "IPsecme WG (ipsec@ietf.org)" <ipsec@ietf.org>
Thread-Topic: New Version Notification for draft-amjads-ipsecme-ikev2-data-channel-01.txt
Thread-Index: AQHPPeiO1qUsOYKQVUCWirQNN+fFNJren44AgDhRGQCAExQE0A==
Date: Wed, 30 Apr 2014 06:52:25 +0000
Message-ID: <62922D1DB814EF458679925ECD8AA68D242A33ED@xmb-rcd-x10.cisco.com>
References: <20140312114328.20101.44457.idtracker@ietfa.amsl.com> <AAB3D1882B58DF46B73D67CE475E7EA004CF0F91@xmb-rcd-x03.cisco.com> <8D3D17ACE214DC429325B2B98F3AE712076C2EC424@MX15A.corp.emc.com>
In-Reply-To: <8D3D17ACE214DC429325B2B98F3AE712076C2EC424@MX15A.corp.emc.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [173.39.65.215]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/ipsec/12JCxosBeAU4PPEdKsIqsQlx_QA
Subject: Re: [IPsec] New Version Notification for draft-amjads-ipsecme-ikev2-data-channel-01.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Apr 2014 06:52:31 -0000

Hi David,

In the new version (version 1) of the draft, unlike IKEv2 control packets the data packets are not acknowledged and hence the comments on congestion and windowing no longer apply.

Thanks,
-Amjad

-----Original Message-----
From: IPsec [mailto:ipsec-bounces@ietf.org] On Behalf Of Black, David
Sent: Friday, April 18, 2014 3:58 AM
To: Rajeshwar Singh Jenwar (rsj); IPsecme WG (ipsec@ietf.org)
Subject: Re: [IPsec] New Version Notification for draft-amjads-ipsecme-ikev2-data-channel-01.txt

Well, Joe Touch's comments on congestion still apply:

http://www.ietf.org/mail-archive/web/ipsec/current/msg08654.html

I suggest consulting RFC 5405 on this topic, and applying its guidance.

Thanks,
--David

> -----Original Message-----
> From: IPsec [mailto:ipsec-bounces@ietf.org] On Behalf Of Rajeshwar 
> Singh Jenwar (rsj)
> Sent: Wednesday, March 12, 2014 10:27 PM
> To: IPsecme WG (ipsec@ietf.org)
> Subject: [IPsec] FW: New Version Notification for 
> draft-amjads-ipsecme-ikev2- data-channel-01.txt
> 
> Hi,
> 
> We (Amjad and I) have published new version of "Data over IKEv2 for 
> application security" draft based on inputs/comments received.
> Please review and provide comments/inputs/questions.
> 
> Kind Regards,
> Raj
> 
> -----Original Message-----
> From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
> Sent: Wednesday, March 12, 2014 5:13 PM
> To: Amjad Inamdar (amjads); Rajeshwar Singh Jenwar (rsj); Rajeshwar 
> Singh Jenwar (rsj); Amjad Inamdar (amjads)
> Subject: New Version Notification for 
> draft-amjads-ipsecme-ikev2-data-channel-
> 01.txt
> 
> 
> A new version of I-D, draft-amjads-ipsecme-ikev2-data-channel-01.txt
> has been successfully submitted by Amjad S. Inamdar and posted to the 
> IETF repository.
> 
> Name:		draft-amjads-ipsecme-ikev2-data-channel
> Revision:	01
> Title:		IKEv2 based lightweight secure data communication draft-
> amjads-ipsecme-ikev2-data-channel-01 (D-IKE)
> Document date:	2014-03-12
> Group:		Individual Submission
> Pages:		15
> URL:            http://www.ietf.org/internet-drafts/draft-amjads-ipsecme-
> ikev2-data-channel-01.txt
> Status:         https://datatracker.ietf.org/doc/draft-amjads-ipsecme-ikev2-
> data-channel/
> Htmlized:       http://tools.ietf.org/html/draft-amjads-ipsecme-ikev2-data-
> channel-01
> Diff:           http://www.ietf.org/rfcdiff?url2=draft-amjads-ipsecme-ikev2-
> data-channel-01
> 
> Abstract:
>    The Internet Key Exchange (IKEv2) protocol provides authentication,
>    confidentiality, integrity, data-origin authentication and anti-
>    replay.  Currently, IKEv2 is mainly used as a control channel to
>    negotiate IPsec SA(s).  IPsec is not well suited to provide transport
>    layer security for applications as it resides at the network layer
>    and most of the IPsec implementations require integration into
>    operating systems making it difficult to deploy.  IPsec uses
>    different sessions for control and data traffic which is not NAT and
>    load balancer friendly.  TLS/DTLS, the other popular security
>    mechanism to provide the above security services does not mandate
>    mutual peer authentication and Diffie Hellman exchange.
> 
>    This document describes an IKEv2 based lightweight secure data
>    communication protocol and a way to provide transport layer security
>    for UDP client/server applications.  The protocol provides integrity
>    protected encryption and integrity-only protection based on
>    application needs.  As most of the IoT applications are UDP based,
>    IKEv2 can be used for key management as well secure data
>    communication in IoT due to its simplicity, scalability,
>    lightweightedness and ease of deployment.
> 
> 
> 
> 
> Please note that it may take a couple of minutes from the time of 
> submission until the htmlized version and diff are available at tools.ietf.org.
> 
> The IETF Secretariat
> 
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec

v2.23.0 | Report a Bug | By Email