[IPsec] Fwd: New Version Notification for draft-ietf-ipsecme-ike-tcp-01.txt

Yoav Nir <ynir@checkpoint.com> Mon, 03 December 2012 22:44 UTC

Return-Path: <ynir@checkpoint.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E8C421F8981 for <ipsec@ietfa.amsl.com>; Mon, 3 Dec 2012 14:44:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.413
X-Spam-Level:
X-Spam-Status: No, score=-10.413 tagged_above=-999 required=5 tests=[AWL=0.185, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hajE+sHkhyWE for <ipsec@ietfa.amsl.com>; Mon, 3 Dec 2012 14:44:45 -0800 (PST)
Received: from smtp.checkpoint.com (smtp.checkpoint.com [194.29.34.68]) by ietfa.amsl.com (Postfix) with ESMTP id 6062021F8949 for <ipsec@ietf.org>; Mon, 3 Dec 2012 14:44:45 -0800 (PST)
Received: from IL-EX10.ad.checkpoint.com ([194.29.34.147]) by smtp.checkpoint.com (8.13.8/8.13.8) with ESMTP id qB3Mie3h003173 for <ipsec@ietf.org>; Tue, 4 Dec 2012 00:44:40 +0200
X-CheckPoint: {50BD2B25-0-1B221DC2-2FFFF}
Received: from IL-EX10.ad.checkpoint.com ([169.254.2.14]) by IL-EX10.ad.checkpoint.com ([194.29.34.147]) with mapi id 14.02.0318.004; Tue, 4 Dec 2012 00:44:40 +0200
From: Yoav Nir <ynir@checkpoint.com>
To: IPsecme WG <ipsec@ietf.org>
Thread-Topic: New Version Notification for draft-ietf-ipsecme-ike-tcp-01.txt
Thread-Index: AQHN0aZR5AUY/fnrKEmTT9wsWOPWuA==
Date: Mon, 03 Dec 2012 22:44:39 +0000
Message-ID: <4613980CFC78314ABFD7F85CC30277210EDD1C92@IL-EX10.ad.checkpoint.com>
References: <20121203223404.5441.41129.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.31.21.65]
x-kse-antivirus-interceptor-info: scan successful
x-kse-antivirus-info: Clean
Content-Type: multipart/alternative; boundary="_000_4613980CFC78314ABFD7F85CC30277210EDD1C92ILEX10adcheckpo_"
MIME-Version: 1.0
Subject: [IPsec] Fwd: New Version Notification for draft-ietf-ipsecme-ike-tcp-01.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Dec 2012 22:44:46 -0000

Hi

I've just posted version -01 of the draft, which I think addresses the issues discussed at the F2F in Atlanta:

 - Added a port specification to the notification (and so, port agility for when the IKE peer is behind NAT)
 - Added the notification to the Initiator as well, so that it can advertise its port
 - Added discussion in section 2.1 about the not using a different transport for the same request with a stateless cookie.
 - Added advice against sending a stateless cookie in the response to TCP.
 - Added a NAT considerations section (3.2)

As Paul said at the meeting, we will need a couple of more rounds of this, and I believe in publishing often, so keep those comments coming.

Yoav

Begin forwarded message:

From: <internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>>
Subject: New Version Notification for draft-ietf-ipsecme-ike-tcp-01.txt
Date: December 4, 2012 12:34:04 AM GMT+02:00
To: <ynir@checkpoint.com<mailto:ynir@checkpoint.com>>


A new version of I-D, draft-ietf-ipsecme-ike-tcp-01.txt
has been successfully submitted by Yoav Nir and posted to the
IETF repository.

Filename: draft-ietf-ipsecme-ike-tcp
Revision: 01
Title: A TCP transport for the Internet Key Exchange
Creation date: 2012-12-04
WG ID: ipsecme
Number of pages: 9
URL:             http://www.ietf.org/internet-drafts/draft-ietf-ipsecme-ike-tcp-01.txt
Status:          http://datatracker.ietf.org/doc/draft-ietf-ipsecme-ike-tcp
Htmlized:        http://tools.ietf.org/html/draft-ietf-ipsecme-ike-tcp-01
Diff:            http://www.ietf.org/rfcdiff?url2=draft-ietf-ipsecme-ike-tcp-01

Abstract:
  This document describes using TCP for IKE messages.  This facilitates
  the transport of large messages over paths where fragments are either
  dropped, or where packet loss makes the use of large UDP packets
  unreliable.