IETF Logo Mail Archive

Re: [IPsec] Adam Roach's Yes on draft-ietf-ipsecme-implicit-iv-07: (with COMMENT)

Daniel Migault <daniel.migault@ericsson.com> Wed, 16 October 2019 03:07 UTC

Return-Path: <mglt.ietf@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F37C0120846; Tue, 15 Oct 2019 20:07:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.475
X-Spam-Level:
X-Spam-Status: No, score=-1.475 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.172, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RmfxTkZWVOuS; Tue, 15 Oct 2019 20:07:47 -0700 (PDT)
Received: from mail-vk1-f175.google.com (mail-vk1-f175.google.com [209.85.221.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0EB5E12006B; Tue, 15 Oct 2019 20:07:47 -0700 (PDT)
Received: by mail-vk1-f175.google.com with SMTP id f1so4833579vkh.9; Tue, 15 Oct 2019 20:07:47 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=+YDC2NKb537MLbPlZerhJvkEOgeUQUMsLfJbyMwoKvI=; b=W/JOObx/l9CGNOnbc3CqX/Uw26pfwOY/mYCenHpZCm5ewDc57rujz7Vct7JeE6iRFa wTd3JCK/1rwCbfVrdOZJMg1+iw4ssbXxUHAEVddS7ciqwT6Pmbz18XbckU1JSY4TIjXU At4PafBJUsPTmxDO2tXViDABud0Ev66anR5HEjNQpW2ON36kPQSg+KVHzrgzZtLr5y4y OqsEbzHvhZqJp5CxjDuO3383RMXcXG/2pDUiemOg9uPU5BoSHkHvJ8DX7v/dyzQBcw4F OiK+pgKQXSrRk+g4Zk4zVvLZnYfmg+dua6ipdtsDZhkd9cauNveFACBdPeIAeAwbjPq0 HliA==
X-Gm-Message-State: APjAAAWJ5zwyBPKiIJ1JlibRyrHhgIBlJRh7NFDOor95/Zf+3ClqkywT dkr/Pg+WsiR1HZmPxJX7KFIlbdj3m20m4l3cYPE=
X-Google-Smtp-Source: APXvYqx63zcIGZhBb8buXECVnq9A7HiUfajjWf05kwuBCQsIuclAy5FKqejhrIbT3xlF8q7BMMADUpnlq7CjQBxo5Fc=
X-Received: by 2002:a1f:2706:: with SMTP id n6mr10991vkn.89.1571195265897; Tue, 15 Oct 2019 20:07:45 -0700 (PDT)
MIME-Version: 1.0
References: <157119428147.28057.3364707659942003352.idtracker@ietfa.amsl.com>
In-Reply-To: <157119428147.28057.3364707659942003352.idtracker@ietfa.amsl.com>
From: Daniel Migault <daniel.migault@ericsson.com>
Date: Tue, 15 Oct 2019 23:07:34 -0400
Message-ID: <CADZyTk=wf6na2m7+mo-QrLud_8_F6A-8r2CrJ+XVqr4ikS5jSQ@mail.gmail.com>
To: Adam Roach <adam@nostrum.com>
Cc: The IESG <iesg@ietf.org>, IPsecME WG <ipsec@ietf.org>, ipsecme-chairs@ietf.org, draft-ietf-ipsecme-implicit-iv@ietf.org, Tero Kivinen <kivinen@iki.fi>
Content-Type: multipart/alternative; boundary="000000000000b258e40594fe67f6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/FZHzryvczNcZydmklRXWAzy_kUE>
Subject: Re: [IPsec] Adam Roach's Yes on draft-ietf-ipsecme-implicit-iv-07: (with COMMENT)
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Oct 2019 03:07:50 -0000

Hi Adam,

Thanks for the feed back. All your comments have been fixed on the current
local version available at:
https://github.com/mglt/draft-mglt-ipsecme-implicit-iv/blob/master/draft-ietf-ipsecme-implicit-iv.txt

We expect to publish the version tomorrow.

Yours,
Daniel



On Tue, Oct 15, 2019 at 10:51 PM Adam Roach via Datatracker <
noreply@ietf.org> wrote:

> Adam Roach has entered the following ballot position for
> draft-ietf-ipsecme-implicit-iv-07: Yes
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-ipsecme-implicit-iv/
>
>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> Thanks for the work on this mechanism. I have no substantive comments
> beyond those that have already been shared, although I do have some
> minor editorial comments.
>
> ---------------------------------------------------------------------------
>
> §2:
>
> >  In some context, such as IoT, it may be preferable to avoid carrying
>
> Nit: "...some contexts..."
>
> Fixed

> ---------------------------------------------------------------------------
>
> §5:
>
> >  An initiator supporting this feature SHOULD propose implicit IV
> >  algorithms in the Transform Type 1 (Encryption Algorithm)
> >  Substructure of the Proposal Substructure inside the SA Payload.
>
> Please expand "SA" on first use.
>
> Fixed

> ---------------------------------------------------------------------------
>
> > 7.  Security Consideration
>
> Nit: "Considerations"
>
Fixed

>
> ---------------------------------------------------------------------------
>
> §7:
>
> >  extensions ([RFC6311], [RFC7383]) do allow it to repeat, so there is
> >  no an easy way to derive unique IV from IKEv2 header fields.
>
> Nit: "...not an easy way..."
>
Fixed

>
>
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
>

v2.23.0 | Report a Bug | By Email