[IPsec] RFC5996bis section 3.1 comment

Paul Wouters <paul@cypherpunks.ca> Wed, 13 November 2013 20:45 UTC

On Thu, 17 Oct 2013, Tero Kivinen wrote:

[forgive me if already reported]

Section 3.1 states:

    o  Major Version (4 bits) - Indicates the major version of the IKE
       protocol in use.  Implementations based on this version of IKE
       MUST set the major version to 2.  Implementations based on
       previous versions of IKE and ISAKMP MUST set the major version to
-->   1.  Implementations based on this version of IKE MUST reject or
       ignore messages containing a version number greater than 2 with an
       INVALID_MAJOR_VERSION notification message as described in Section
       2.5.

The reading of "this version" on the line marked "-->" is a little
unclear. Does it refer to the previous sentence's version (version 1)
or this version as in "this document's" version (version 2)? I suggest
replacing "this version" with "this document's version".

    o  Minor Version (4 bits) - Indicates the minor version of the IKE
       protocol in use.  Implementations based on this version of IKE
       MUST set the minor version to 0.  They MUST ignore the minor
       version number of received messages.

For the Major we tell what IKEv1 implementations should do. Why don't we
do that for the Minor as well? Suggested addition:

        Implementations based on the previous major version of IKE and
        ISAKMP MUST set the minor version to 0 and reject or ignore
        messages containing a minor version number greater than 0 with
        an INVALID_MINOR_VERSION notification message.

Paul
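
Added example, not part of the message above or of the RFC: a Python sketch of the receive-side version check that the quoted Section 3.1 text describes for an implementation of "this document's version" (major 2, minor 0). The function names, the returned action strings, and the handling of truncated datagrams and of major version 1 are assumptions made for illustration; the suggested IKEv1 minor-version text is not implemented here.

```python
import struct

# Fixed IKE header: SPIi(8) SPIr(8) NextPayload(1) Version(1)
# ExchangeType(1) Flags(1) MessageID(4) Length(4) = 28 octets.
IKE_HEADER = struct.Struct("!8s8sBBBBII")
VERSION_OFFSET = 17            # octet holding MjVer (high nibble) and MnVer (low nibble)
OUR_MAJOR, OUR_MINOR = 2, 0    # what an IKEv2 sender MUST put on the wire
INVALID_MAJOR_VERSION = 5      # IKEv2 Notify Message Type


def build_header(major=OUR_MAJOR, minor=OUR_MINOR, exchange_type=34,
                 flags=0x08, msg_id=0, length=IKE_HEADER.size):
    """Pack a header with constructed SPIs; 34 = IKE_SA_INIT, 0x08 = Initiator flag."""
    if not (0 <= major <= 15 and 0 <= minor <= 15):
        raise ValueError("Major and Minor Version are 4 bits each")
    return IKE_HEADER.pack(b"\x11" * 8, b"\x00" * 8, 33, (major << 4) | minor,
                           exchange_type, flags, msg_id, length)


def check_version(packet):
    """Return (action, major, minor) for a received datagram.

    major > 2  -> reject with INVALID_MAJOR_VERSION (or silently ignore)
    major == 2 -> accept; the received minor version is ignored
    major < 2  -> outside the quoted text; labelled here as an assumption
    """
    if len(packet) < IKE_HEADER.size:
        return ("drop-truncated", None, None)       # assumption: no version to read
    octet = packet[VERSION_OFFSET]
    major, minor = octet >> 4, octet & 0x0F
    if major > OUR_MAJOR:
        return ("reject-INVALID_MAJOR_VERSION", major, minor)
    if major < OUR_MAJOR:
        return ("not-ikev2", major, minor)          # assumption: left to an IKEv1 handler
    return ("accept", major, minor)                 # minor deliberately not compared


if __name__ == "__main__":
    # Constructed sample headers covering each branch.
    for mj, mn in [(2, 0), (2, 7), (3, 0), (1, 0)]:
        print(mj, mn, check_version(build_header(mj, mn)))
    print("short", check_version(b"\x00" * 10))
```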