[IPsec] [Errata Held for Document Update] RFC8229 (5320)
RFC Errata System <rfc-editor@rfc-editor.org> Mon, 11 April 2022 00:23 UTC
The following errata report has been held for document update
for RFC8229, "TCP Encapsulation of IKE and IPsec Packets".

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid5320

--------------------------------------
Status: Held for Document Update
Type: Technical

Reported by: Valery Smyslov <valery@smyslov.net>
Date Reported: 2018-04-09
Held by: Paul Wouters (IESG)

Section: GLOBAL

Original Text
-------------


Corrected Text
--------------
TCP provides reliable transport, so there is no need for applications
to deal with retransmissions. Moreover, sending retransmissions by IKE
in case of TCP on congested networks could further increase congestion
and degrade performance. For this reason IKE initiators SHOULD NOT
retransmit requests if they are sent over TCP. However, both IKE
initiators and responders MUST correctly handle retransmitted messages
received over TCP, but responders SHOULD NOT resend response messages
in this case. If IKE initiators still choose to retransmit requests
over TCP, then the retransmission policy SHOULD be less aggressive
than it would have been in case of UDP.

Notes
-----
While Section 12.2 discusses some implications that TCP transport
could have on ESP protocol, the IKE retransmission behavior, described
in Section 2.1 of RFC7296, is not redefined by this RFC. This is an
oversight and some recommendations for implementers should have been
given.

The suggested text should be placed in a new section, presumably
between sections 8 and 9.

Paul Wouters: The reporter of this errata is writing a bis draft for
this document where this is indeed already clarified.
See https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-rfc8229bis-05#section-7.2
Resolving as Held for Document Update

--------------------------------------
RFC8229 (draft-ietf-ipsecme-tcp-encaps-10)
--------------------------------------
Title            : TCP Encapsulation of IKE and IPsec Packets
Publication Date : August 2017
Author(s)        : T. Pauly, S. Touati, R. Mantha
Category         : PROPOSED STANDARD
Source           : IP Security Maintenance and Extensions
Area             : Security
Stream           : IETF
Verifying Party  : IESG
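
The retransmission rules in the corrected text above, sketched as a transport-aware policy. This is an added example, not part of the errata report or of any IKE implementation; the class and function names, the window size of 1, and all timer values are assumptions chosen for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass
from enum import Enum

class Transport(Enum):
    UDP = "udp"
    TCP = "tcp"

class Action(Enum):
    PROCESS = "process"   # new request: handle it and send the response
    RESEND = "resend"     # duplicate over UDP: resend the cached response
    IGNORE = "ignore"     # duplicate over TCP, or out-of-window ID: send nothing

@dataclass
class Responder:
    """Per-IKE-SA request tracking; a window size of 1 is assumed."""
    transport: Transport
    last_id: int = -1     # Message ID of the last request processed
    cached: bytes = b""   # response sent for that request

    def on_request(self, msg_id: int, body: bytes) -> tuple[Action, bytes]:
        if msg_id == self.last_id + 1:
            self.last_id = msg_id
            self.cached = b"RESP:" + body  # stand-in for real IKE processing
            return Action.PROCESS, self.cached
        if msg_id == self.last_id and self.transport is Transport.UDP:
            return Action.RESEND, self.cached
        # Over TCP the duplicate is recognised and not processed twice, but
        # the response is not resent: TCP already delivers the first copy.
        return Action.IGNORE, b""

def retransmit_delays(transport: Transport, tcp_opt_in: bool = False,
                      base: float = 2.0, tries: int = 4) -> list[float]:
    """Seconds to wait before each retransmission of an unanswered request.

    The numbers are constructed; neither RFC mandates specific timers.
    """
    if transport is Transport.UDP:
        return [base * 2 ** i for i in range(tries)]
    if not tcp_opt_in:
        return []  # SHOULD NOT retransmit over TCP
    # Initiator chose to retransmit over TCP anyway: fewer, later attempts.
    return [base * 4 * 2 ** i for i in range(tries // 2)]
```
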