[IPsec] Comments on draft-mglt-ipsecme-keep-old-ike-sa-00

Yaron Sheffer <yaronf.ietf@gmail.com> Thu, 25 July 2013 22:40 UTC

Just a couple comments. Overall the idea makes sense to me.

- Should not ignore the extension if it is applied to a non-IKE SA. I 
think a Syntax error would be more appropriate.
- There seems to be no distinction between non-support of the extension 
and just not keeping the SA for some reason. Is this OK? If this is done 
with the notification code values, please clarify it in the draft.

Thanks,
     Yaron