IETF Logo Mail Archive

Re: [IPsec] Éric Vyncke's No Objection on draft-ietf-ipsecme-ikev2-intermediate-09: (with COMMENT)

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Wed, 02 March 2022 07:21 UTC

Return-Path: <evyncke@cisco.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C0FB53A12D1; Tue, 1 Mar 2022 23:21:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.606
X-Spam-Level:
X-Spam-Status: No, score=-9.606 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=KCTPRDB3; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=003M2mfX
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wFdE3108uhan; Tue, 1 Mar 2022 23:21:12 -0800 (PST)
Received: from alln-iport-3.cisco.com (alln-iport-3.cisco.com [173.37.142.90]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AECF73A12CA; Tue, 1 Mar 2022 23:21:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=5132; q=dns/txt; s=iport; t=1646205671; x=1647415271; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=UummOOghJly3WlUUAIgNVyEtKbzGv2vhNLD3Fo6ljiA=; b=KCTPRDB3B6+gEOvtKBkzqoy66OhBzE698TrxIIIrRkSrX24h3owc6N5R l1hmdpphk0URsAlmVyYPhqmsrMcIWWN1WzHnErmuFre/BziTd2kzyDIpb s6TmdinIU6TtAx9xetE8BXcTBYoAAeLjwKkvPxoCM8VWx8iiu/hO5WTlN w=;
X-IPAS-Result: A0BLAABXGh9i/49dJa1aHAEBAQEBAQcBARIBAQQEAQFAgUYHAQELAYFRVgd3WjdEhFSDSgOEWWCFD4MCA4EpiWeFLopxgS4UgREDVAsBAQENAQE3CgQBAYUHAheDfQIlNAkOAQIEAQEBAQMCAwEBAQEBAQMBAQUBAQECAQYEgQkThWgNhkIBAQEBAgESEREMAQE3AQsEAgEIDgMDAQIDAiYCAgIfERUFAwgCBAEJBAUWDIJiAYJlAw0hAQ6gSwGBOgKKH3qBMYEBgggBAQYEBIFLQYJ/DQuCNwMGgRAsAYMOgwCBJIJcgxaBHyccgUlEgRUnDBCCZz6CIUIBAQOBKAESASGDGTeCLpUHYWQEIhkQCBSBBC0INSoROgORXSQGgwtHl1eRf2sKg0iLCo5nhXoFLoNzjCuYB4VSkQIgjHODUJBkhQcCBAIEBQIOAQEGNYEsPGlwcBVlAYIKAQEBMVEZD44gN4M7hRSFSnU4AgYBCgEBAwkBgjqRNQEB
IronPort-PHdr: A9a23:Jzgp3BNiTFmEseYwJ5Yl6ncDWUAX0o4cdiYZ6Zsi3rRJdKnrv5HvJ 1fW6vgliljVFZ7a5PRJh6uz0ejgVGUM7IzHvCUEd5pBBBMAgN8dygonBsPNAEbnLfnsOio9G skKVFJs83yhd0ZPH8OrbFzJqXr05jkXSX3C
IronPort-Data: A9a23:spv7eqyUAm80AJxMlit6t+dHxyrEfRIJ4+MujC+fZmUNrF6WrkVWm GAcW2CHa/eKNGekL9Fyaonlo0xX6MOGnYdnSQQ+rVhgHilAwSbn6Xt1DatR0we6dJCroJdPt p1GAjX4BJloCCea/H9BC5C5xZVG/fngqoHUVaiVYkideSc+EH170Uk7wbZj6mJVqYHR7z2l6 IuaT/L3YDdJ6xYsWo7Dw/vewP/HlK2aVAIw5jTSV9gS1LPtvyV94KYkGE2EByCQrr+4sQKNb 72rILmRpgs19vq2Yz+vuu6TnkYiGtY+MeUS45Zbc/DKv/RMmsA9+r0mBtcmcF9NtzKqm49f6 MhnnrGfbD58a8UgmMxFO/VZOzt1MasD87jdLD3g98eS1EbBNXDrxp2CDmlvYtZeobkxUDoIr KBDQNwORkjra+aezayqTOJvi+woLdLgO8UUvXQIITTxXa12HcGfHvWXjTNe9BVq1/pwIe7iX vMiUQhlbjmeUz5hCG5CXfrSm8/t3BETaQZwuVSUv+w27nTd5AN02bnpdtHSf7SiRN1Ok02wp 2/a8SL+GB5yHN2H0jeO93/pje/GnDngcIMfCLP+8eRl6HWf3GUdFFgXWEe15PihkUO1Xt8aK k8Z5HBrrK4u+VauQ9X8VgG1iH+JohBaXMBfe8U75RqC4qvZ/wjfAXILJhZadtUgnMIyWz0xk EWU9+4FHhR1u7GTDHma7LrR8nW5ODMeKikJYipsoRY53uQPabob1nrnJuuP2obv5jEpMVkcG wy3kRU=
IronPort-HdrOrdr: A9a23:p7Mi86CtHtCpToflHej2sseALOsnbusQ8zAXPh9KKCC9I/b3qy nxppsmPEfP+UkssHFJo6HmBEEZKUmstKKdkrNhQ4tKOzOW+FdATbsSo7cKpgeBJ8SQzJ8n6U 4NSdkaNDS0NykHsS+Y2nj6Lz9D+qj8zEnAv463pB0BIXAIGsNdBkVCe3um+yZNNW977O8CZe KhD7181kOdkBosH6CGL0hAe9KGi8zAlZrgbxJDLQUg8hOygTSh76O/OwSE3z8FOgk/g4sKwC zgqUjU96+ju/a0xlv3zGnI9albn9Pn159qGNGMsM4IMT/h4zzYIbiJGofy+AzdktvfrmrCo+ O8+ivI+P4Ds085S1vF5icFHTOQiwrGpUWSk2NwykGT0PARDAhKe/apw7gpLycwLyEbzY5BOG Uh5RPEi3MfN2KzoMy2jeK4JC1Chw66p2EvnvUUiGEaWYwCaKVJpYha509NFowcdRiKpbzPPd MeR/003swmO29yrkqpyFVH0ZipRDA+Dx2GSk8Ntoic1CVXhmlwyw8dyNYElnkN+ZohQ90cjt 60fZhAhfVLVIsbfKh9DOAOTY++DXHMWwvFNCaXLU78HK8KNnrRo9r84akz5uutZJsUpaFC1K jpQRddryo/akjuAcqB0NlC9Q3MWny0WXD3xsRX9/FCy/XBrXrQQGS+oXwV4r+dSq8kc7jmst 6ISeVrP8M=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.90,148,1643673600"; d="scan'208";a="838494585"
Received: from rcdn-core-7.cisco.com ([173.37.93.143]) by alln-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 02 Mar 2022 07:21:09 +0000
Received: from mail.cisco.com (xbe-rcd-002.cisco.com [173.37.102.17]) by rcdn-core-7.cisco.com (8.15.2/8.15.2) with ESMTPS id 2227L95s015162 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Wed, 2 Mar 2022 07:21:09 GMT
Received: from xfe-rcd-003.cisco.com (173.37.227.251) by xbe-rcd-002.cisco.com (173.37.102.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.14; Wed, 2 Mar 2022 01:21:09 -0600
Received: from xfe-rcd-005.cisco.com (173.37.227.253) by xfe-rcd-003.cisco.com (173.37.227.251) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.14; Wed, 2 Mar 2022 01:21:08 -0600
Received: from NAM10-MW2-obe.outbound.protection.outlook.com (72.163.14.9) by xfe-rcd-005.cisco.com (173.37.227.253) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.14 via Frontend Transport; Wed, 2 Mar 2022 01:21:08 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WqzLyRfsM/YftIP1Kufw7H15g8hAF8AhW1WClk5gJ/ntPvtPmm2bS20x+th6fR0A+1mLjPkjb7ipg6AlRMbPWQ3nzTif2yz2qF29w20CzlDS6NMVo1xEwuSDLVROOFIoVUtlcs7qL5xkeZ6R5He8XZQOCb4qle+PDVxrbD50//dZRx6iCBxXKn4l8rAtebg6wjlFuC/BA2m8VtdpbBv409NCDzqLWM2KVC+jOmB4pUvg8PNbEliTJt5/PfiStPj1tsD9k1dUdFbACgpnsTBOdySJRoaTqulHveL7bGHoyKF8Iso5+EVItgC0os22jlxbg8RDc/q+MFEst6xVd+CC1g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=UummOOghJly3WlUUAIgNVyEtKbzGv2vhNLD3Fo6ljiA=; b=Du6n4NuiTWD3yHZGYYT3NwVpypgHQVovgZUGiq7fDzJj8RU3K4dQgC6tUwmbIkwpXATrF9TWkVOXdO0J8gnfnOCFjTPbtuPsL2HDLEJpLtb3YRVeC3pRHDqFEM8Dl9xve6lqfmZDq2xUEsfZMsEMueWxb18fyyhMOe+AF3s/35tok701jeNqmVYh8F2zkRNb9DTN0RE3GJxeKfIW1NbSjo4rGpUM0QNYdgTIk0CT7u6LVS+0tpLsvzqOdWL397zJExvXMwnOIbQt6xk7b5OyfgcakAdKrHVLCFtJXYjzA4ZAW5DmCmPj7hfNQzA4ymuNqHGjuRU3DIMaG3t20eD8fg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UummOOghJly3WlUUAIgNVyEtKbzGv2vhNLD3Fo6ljiA=; b=003M2mfXY+MFuMqlkWiighEsZ1KUYOriGsNnAK0/JGGDprWuMRDbNXkY7563GAAnCQTX3YJ3npMkoKmY1vn9F3ygAurYQJ7x7ayp9UDZLv5Vk5XKxvgFddgR5Oqro9eIT8c47lB+nyiDs9ebTu0Nmktz3bhq6+0hdgr2IZoM7qs=
Received: from PH0PR11MB4966.namprd11.prod.outlook.com (2603:10b6:510:42::21) by SJ0PR11MB5938.namprd11.prod.outlook.com (2603:10b6:a03:42d::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5017.24; Wed, 2 Mar 2022 07:19:52 +0000
Received: from PH0PR11MB4966.namprd11.prod.outlook.com ([fe80::1929:3b1b:99a3:312]) by PH0PR11MB4966.namprd11.prod.outlook.com ([fe80::1929:3b1b:99a3:312%9]) with mapi id 15.20.5017.027; Wed, 2 Mar 2022 07:19:52 +0000
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Valery Smyslov <svan@elvis.ru>, 'The IESG' <iesg@ietf.org>
CC: "draft-ietf-ipsecme-ikev2-intermediate@ietf.org" <draft-ietf-ipsecme-ikev2-intermediate@ietf.org>, "ipsecme-chairs@ietf.org" <ipsecme-chairs@ietf.org>, "ipsec@ietf.org" <ipsec@ietf.org>, "ynir.ietf@gmail.com" <ynir.ietf@gmail.com>
Thread-Topic: Éric Vyncke's No Objection on draft-ietf-ipsecme-ikev2-intermediate-09: (with COMMENT)
Thread-Index: AQHYLgAMwZHICWpRNU6b7/KNqqO7aqyrrPiAgAATm4A=
Date: Wed, 02 Mar 2022 07:19:52 +0000
Message-ID: <C2C0C30B-3054-467C-BBAA-2A621AB9A2C7@cisco.com>
References: <164620305328.18018.5385286809724354469@ietfa.amsl.com> <047201d82e04$7ccce7e0$7666b7a0$@elvis.ru>
In-Reply-To: <047201d82e04$7ccce7e0$7666b7a0$@elvis.ru>
Accept-Language: fr-BE, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.58.22021501
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cisco.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: a1fa7d93-d7c9-46ab-5f3d-08d9fc1d0b4b
x-ms-traffictypediagnostic: SJ0PR11MB5938:EE_
x-microsoft-antispam-prvs: <SJ0PR11MB593898AC2281BA4B61E904F3A9039@SJ0PR11MB5938.namprd11.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 43rczrrvzLVmZ0FrQAI9ZycxxBqW9MjEbLgG15+Clkif8AObIrzhYrwvz7ReFVvV+QXzlD6lTzLDscOtQJIXLFowwGdZ44tbOAd7yOYHXguGB70oZIhpgId78kMyIflcAh87zuYX05njx1tIUAJ6j0UmDPmn1wBwscj/GtA+UBPr0p1cfngdtfRKHb0UwdnrIBEaJep9f7soB+A48b7zQp94oTf/AFBTyL/jUvWyruAjxEGwON+9b7hRoyDuX2Byj9g5KTB/bg0JO0KV6qZ4NbP64v+KYcEmuwHv2mHzix9/S2nBPSjeItRqp7xgo2pxYLPnQpWhvqThBazNxzqoI/QQND6or3L21mIjuj0vuPTIdo2pA5BBANsc58wyWctk1+zqNz2m29/bKnqFqcFvqDz4W5TkjA/9xfzRbDDOIvMtqMyd1fXEcyLc/MolM86fJngmjgNq+9YIgusMweZldAt9VDGkoHvb0uXEA0iL3PVnl6CeVOO8cGE4gXx5XBAS9Vv4fVtYddU9/xEDqgdQvR4Q9g8Cn4CjbfWZ1VME80N6sdTZl/bHGOSvv91tU7SO8kjUxsaRJ4DCeVaXRxJ/RmqN+4hSVILCO2UrGwfi8HjaWwjiPC297sglycTbWOmKuY/fUkonextLbSqdBOoAu7eiu0aqCs52+6o4yUxztcZiEfBo6dmstknx8YIw68zW9DVPvshr1Tg+jSHc3iULxPgjupwDGRiqLCZieotwSdzbseJCrH1CdwplznMzduEV0XptkC4nNqmJJbJQmIInYGOghCIBUBiQ5Fn81isR7xe+nN48Eh+meF/qBHa5DllsZQVWydiWuIHISkGCGk7A9G22w3eTWBAoXsCS96Ta/FQ=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR11MB4966.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(366004)(110136005)(6512007)(53546011)(122000001)(54906003)(38100700002)(66574015)(36756003)(83380400001)(33656002)(2906002)(5660300002)(224303003)(76116006)(4326008)(64756008)(66446008)(66946007)(91956017)(66556008)(86362001)(66476007)(316002)(6486002)(966005)(71200400001)(38070700005)(508600001)(186003)(2616005)(8936002)(6506007)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: wmgHqiDbZI89aIY2s8I79Cpiqxy7LbZqhCQIfHjhPjaqOKfevn6yPjn4P3vnJ+HtMxv2/vxqAh+H14c7dAiSD5NP+TNx3W7s+93X6ih4PQhWx/i5AzgN7MRQiSPjS5UA3gAY2lq7LpqGuoDTDjsvoc7/YXyM5CvF+nXNxqFe+BRx2FUs/SL5qO1KzVgVSH2hlfOI0DuZBWbVwHdnbIjyJMvrMWfYzRsj1FgGqwZNtC1dKtznYfoLoju1+5l5MUsUDQaVNCvPkcMIceeP1TmMSGgObt9B8IhqwPqSW93yiZiv5RDgOFK81XOfSd8s2UvEu2nXOfrs4lAnd5MT3g7CL7wtiXQLrBCh2G04nSpXitBtdM3QsuAOdu1hTw68fIUmQCOh3zfC2AQ6484bXOVw2yNdN/HMRzo1CxOePZDzfhibLm858biodmeSXAYZ2h15EgOhFM6lHr3dJmKIRXtmLRW+VMqi2JvdYVvgHa56bAmu0sYbXJuyZ6SFoqWJFrarDyJjtRGotpIpz/JGXB3Pk/Y3HKu5XLE/s7zQb66tIGS0TB1f82TQdNi2YBfS28O5AT+YzFappgyS7A3fBFh+gMhvDrVhGp9bJOP3vQ0ksTwbZjRhSllgV7ebXg4l1EyWhzAAdhVqcVb5v90n6P0oLa5oBp6Yg9/wHf2no5xfESSbE1Y+j+n8yKjd1ehsdvgwKuBdkNipJ7emKK9BI6ikqbWAoYMBB2mc75QHWZ3mqjUfFxPYIN2+jNLx+jpNSUPJtLWLyk6PkN3W3sgNdGubeDwzo6di7AJDcQKSe7RG7VOufrjxSVB+5qPZINw3xprN6eqg9RrZZJcNQEb7gMPM1NG141k68rfrRacfn8EDF3R/MkrvsYfatL3DSCqR26B+s67nrZLYIhuHabelgUJJbq1tQqpF5OpSUeHgSDQh8sS7oZGCHFmHQaV7G44BWj/HjFZ5ar8EbaqRjwpa/Wnj+UOus7zpM6TlFUkAdGBhtTbPkNozfKCeTjKUYLx0Pd4pToWl1dp+WBAZ98aBedyLVK/sRlwdTq7CZCCHffGdpJu2cG+JCCgrfRHFuN0d6pI1KFEv7DC1vvdWTCft3kNIFg8wzImyc49Snu0BKWSYg6YUK0JKUl/iwpAOXmDNMJRGQAVk8RulHkN3dkiUmNchHIa0CCeU0SXQbL1mJrsrB5nb6yNCvL5NhhIuMYvfSBoRuiNVu0wwN1ACZFfzp5eh7eGz9IAy7rbWTEaf5g9Fx1j1Mdfu06RooonuB8EwLVBK9NbnI72umI9D0xrX5oNxhvF3NYHA23Y/tqo1pqLk9i0tK73+ct9PztmR5Ati9Lv1tX/6W9kX7DvXBFTbpCA/V8fE/p02GSvMhZo4+VrNF8sjgn/nUd8X2S/Ul/Dgan7syvdhFYa9bH1kdgE6ES5fFCAR4RlSR9hz/oX5wls3Y5v0zzGaaM176MaB7L662tdZ2eOo4HLb0hEEiVyUaf/qucCRkxM/BuhtTjJqYF9DMPmvLEtse00UMY2AYWNHf95NWpV8zEXzvMkQu571+X2IWikrSogSCrJIBORwer3Cz+3zymcPj4zFI5q8Q0dsEPV8d8ONu4xB+hjzlwu/AnWit0RfGaRmpGjwZB0StkB2zeTB5jwmPkVVo0AejtdGovvFYjjlqDR7AtktQM15vR2FUaJo0MdTZhhBUG5qXbfAB8I=
Content-Type: text/plain; charset="utf-8"
Content-ID: <D59ABFA7F325C148BDE0B78D6E0E3132@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4966.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: a1fa7d93-d7c9-46ab-5f3d-08d9fc1d0b4b
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Mar 2022 07:19:52.1969 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ToBZfatisZ1+eEwXqdO3ZDEVG7ptdqMd9JZWONyt1/aigGlKysCYXKYCaBAc+WypZScjLq82pS3Nfrb/89PcZg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR11MB5938
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.17, xbe-rcd-002.cisco.com
X-Outbound-Node: rcdn-core-7.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/Fhk8X2fE01CPHR6zEazL0UJjWR8>
Subject: Re: [IPsec] Éric Vyncke's No Objection on draft-ietf-ipsecme-ikev2-intermediate-09: (with COMMENT)
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Mar 2022 07:21:17 -0000

Valery

Thank you for such a prompt reply.

I agree with all your comments and suggestions for new text.

Regards

-éric

-----Original Message-----
From: Valery Smyslov <svan@elvis.ru>
Date: Wednesday, 2 March 2022 at 08:10
To: Eric Vyncke <evyncke@cisco.com>, 'The IESG' <iesg@ietf.org>
Cc: "draft-ietf-ipsecme-ikev2-intermediate@ietf.org" <draft-ietf-ipsecme-ikev2-intermediate@ietf.org>, "ipsecme-chairs@ietf.org" <ipsecme-chairs@ietf.org>, "ipsec@ietf.org" <ipsec@ietf.org>, "ynir.ietf@gmail.com" <ynir.ietf@gmail.com>
Subject: RE: Éric Vyncke's No Objection on draft-ietf-ipsecme-ikev2-intermediate-09: (with COMMENT)

    Hi Éric,

    thank you for your comments.

    > Éric Vyncke has entered the following ballot position for
    > draft-ietf-ipsecme-ikev2-intermediate-09: No Objection
    > 
    > When responding, please keep the subject line intact and reply to all
    > email addresses included in the To and CC lines. (Feel free to cut this
    > introductory paragraph, however.)
    > 
    > 
    > Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
    > for more information about how to handle DISCUSS and COMMENT positions.
    > 
    > 
    > The document, along with other ballot positions, can be found here:
    > https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-intermediate/
    > 
    > 
    > 
    > ----------------------------------------------------------------------
    > COMMENT:
    > ----------------------------------------------------------------------
    > 
    > Thank you for the work put into this document.
    > 
    > Please find below some non-blocking COMMENT points (but replies would be
    > appreciated even if only for my own education).
    > 
    > Special thanks to Yoav Nir for the shepherd's write-up including the section
    > about the WG consensus.
    > 
    > I hope that this helps to improve the document,
    > 
    > Regards,
    > 
    > -éric
    > 
    > ## Abstract
    > 
    > The abstract would benefit by adding a few use cases / applicability statement
    > (per the shepherd's write-up and introduction, i.e., a hint for PQ crypto).

    I updated the abstract as follows:

       This document defines a new exchange, called Intermediate Exchange,
       for the Internet Key Exchange protocol Version 2 (IKEv2).  This
       exchange can be used for transferring large amounts of data in the
       process of IKEv2 Security Association (SA) establishment.  An example
       of the need to do this is using Quantum Computer resistant key
       exchange methods for IKE SA establishment.  Introducing the
       Intermediate Exchange allows re-using the existing IKE fragmentation
       mechanism, that helps to avoid IP fragmentation of large IKE
       messages, but cannot be used in the initial IKEv2 exchange.

    Is it OK?

    > ## Section 1
    > 
    > s/If size of a message is large enough, IP fragmentation takes place/If size of
    > a message is larger than the MTU, IP fragmentation takes place/

    I have no problem with this clarification, but I suggest s/MTU/PMTU
    in the new text, since IP fragmentation for IPv4 can also take place
    on the intermediate routers. So, if you don't mind, I'll change the text to:

    "If the size of a message is larger than the PMTU, ..."

    > RFC 7383 is dated 2014, is it still applicable in 2022 ?

    Yes. The problems with correct handling of IP fragments in SOHO devices
    still persist, as far as I know, so RFC 7383 is still applicable. 
    Most (if not all) IPsec vendors support it.

    Thank you!

    Regards,
    Valery.

v2.23.0 | Report a Bug | By Email