Re: [IPsec] Ensuring future extensibility for WESP
Jack Kohn <kohn.jack@gmail.com> Sat, 21 November 2009 00:24 UTC
Return-Path: <kohn.jack@gmail.com>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9F6423A67E4 for <ipsec@core3.amsl.com>; Fri, 20 Nov 2009 16:24:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.299
X-Spam-Level:
X-Spam-Status: No, score=-2.299 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_37=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8AJvJSdz1ulE for <ipsec@core3.amsl.com>; Fri, 20 Nov 2009 16:24:49 -0800 (PST)
Received: from mail-yw0-f183.google.com (mail-yw0-f183.google.com [209.85.211.183]) by core3.amsl.com (Postfix) with ESMTP id B7BE63A67BE for <ipsec@ietf.org>; Fri, 20 Nov 2009 16:24:49 -0800 (PST)
Received: by ywh13 with SMTP id 13so4450942ywh.29 for <ipsec@ietf.org>; Fri, 20 Nov 2009 16:24:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=9A+9s3WxdKop+2uF+SoJnpazql3ll7tRGa5qlsVAlH0=; b=rx0mkZEGTGSRYJuq5WeY9vIMlD71gKLFVnuKWIo0xfWlBmcu1bVsnCOmp7vzLRNtDX PbKFpyYswEF+p+C7kqHbARtXnybppPeblVd7IaExWbEbX6sAgG4GItzeBrTczC/jYVms csDfrQ7kHgw0ZKWXbpMEA7MYEHC4ZYJy2lgng=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=caJS5/KTyTE+JSIvKAvO/ouDfozCvqN06RU/C3WuCdMC/4E8jISJd/hdYQsLc/wwfi /ZS8coiW2zZbgJmwPZ+pbrZTFDm/eARfVeuZiQ0PK0QMpTXMOWEcHkxRjERgCEI0aQa5 0iU+BLxr22r9IGsKMdEDgVjT5x9E4WbFhr83s=
MIME-Version: 1.0
Received: by 10.90.14.13 with SMTP id 13mr3301525agn.117.1258763074082; Fri, 20 Nov 2009 16:24:34 -0800 (PST)
In-Reply-To: <C49B4B6450D9AA48AB99694D2EB0A483382B3294@rrsmsx505.amr.corp.intel.com>
References: <7F9A6D26EB51614FBF9F81C0DA4CFEC801BDF888ABAF@il-ex01.ad.checkpoint.com> <C49B4B6450D9AA48AB99694D2EB0A483382B3294@rrsmsx505.amr.corp.intel.com>
Date: Sat, 21 Nov 2009 05:54:33 +0530
Message-ID: <dc8fd0140911201624u225e0f4fq4381a4cca13578e7@mail.gmail.com>
From: Jack Kohn <kohn.jack@gmail.com>
To: "Grewal, Ken" <ken.grewal@intel.com>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
Cc: IPsecme WG <ipsec@ietf.org>
Subject: Re: [IPsec] Ensuring future extensibility for WESP
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Nov 2009 00:24:50 -0000
I support this as well. Jack On Fri, Nov 20, 2009 at 10:34 PM, Grewal, Ken <ken.grewal@intel.com> wrote: > I support this change to ensure future compatibility with the base draft. > > As Yaron indicates, the extension header size is as per the current draft > and we are just adding some semantics to the pad field. > > > > There is also minimal textual change in the document. > > > > Thanks, > > - Ken > > > > From: ipsec-bounces@ietf.org [mailto:ipsec-bounces@ietf.org] On Behalf Of > Yaron Sheffer > Sent: Tuesday, November 17, 2009 11:30 PM > To: IPsecme WG > Subject: [IPsec] Ensuring future extensibility for WESP > > > > Hi, > > > > The recent draft on extending WESP which was presented in Hiroshima, > explains why the current WESP is *not* extensible, and we would need a new > version number if we are to add any extensions in the future. > > > > It is up to the WG to decide whether or not we want to adopt the draft, > given that many people were skeptical about the specific extensions > proposed. But regardless of that, it would be a mistake to publish WESP > today with no facility for extensibility. After consulting with Pasi (the > draft is at a very late stage, having been through IESG review), I would > like to make a simple proposal to add this extensibility, with (almost) no > change to the current draft. This will leave us with future options, at > virtually no cost. I am basically just changing the semantics of the Padding > field. Specifically: > > > > 1. Rename IPv6Padding to “Padding (Reserved for Future Use)”, and allow it > to be any length <256, subject to the IPv4 and IPv6 alignment constraints. > > 2. If P=1 (Padding Present flag), the first octet of the Padding field will > hold the padding's length. [Hardware implementations can check that it is 4 > for IPv6, otherwise move the packet to the slow path]. All other Padding > octets are sent as zero, and ignored by the receiver. > > > > Note that there are barely any changes on the wire, as long as we don't have > extensions. In particular the length remains unchanged. > > > > Thanks, > > Yaron > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec > >
- [IPsec] Ensuring future extensibility for WESP Yaron Sheffer
- Re: [IPsec] Ensuring future extensibility for WESP Bhatia, Manav (Manav)
- Re: [IPsec] Ensuring future extensibility for WESP Grewal, Ken
- Re: [IPsec] Ensuring future extensibility for WESP Jack Kohn
- Re: [IPsec] Ensuring future extensibility for WESP Min Huang
- Re: [IPsec] Ensuring future extensibility for WESP Yaron Sheffer