IETF Logo Mail Archive

Re: [IPsec] WGLC of draft-ietf-ipsecme-labeled-ipsec

Benjamin Kaduk <kaduk@mit.edu> Thu, 05 August 2021 05:31 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A3FC3A0B20; Wed, 4 Aug 2021 22:31:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.499
X-Spam-Level:
X-Spam-Status: No, score=-1.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, KHOP_HELO_FCRDNS=0.399, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cOGqQwQrdDZ3; Wed, 4 Aug 2021 22:31:01 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4B6813A0B18; Wed, 4 Aug 2021 22:31:01 -0700 (PDT)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 1755UpjY029663 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 5 Aug 2021 01:30:57 -0400
Date: Wed, 04 Aug 2021 22:30:51 -0700
From: Benjamin Kaduk <kaduk@mit.edu>
To: Paul Wouters <paul.wouters=40aiven.io@dmarc.ietf.org>
Cc: Tero Kivinen <kivinen@iki.fi>, "ipsec@ietf.org WG" <ipsec@ietf.org>
Message-ID: <20210805053051.GG50759@kduck.mit.edu>
References: <24831.15082.263253.443690@fireball.acr.fi> <59cd35e-9972-7a1c-dcad-16c0b3d61ba8@nohats.ca>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <59cd35e-9972-7a1c-dcad-16c0b3d61ba8@nohats.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/Nd6C4Il263dbb3YlITIG6n4RIjY>
Subject: Re: [IPsec] WGLC of draft-ietf-ipsecme-labeled-ipsec
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Aug 2021 05:31:07 -0000

On Tue, Jul 27, 2021 at 11:16:36PM -0400, Paul Wouters wrote:
> On Tue, 27 Jul 2021, Tero Kivinen wrote:
> 
> > This is the start of 2 week WGLC on the
> > draft-ietf-ipsecme-labeled-ipsec document, ending 2021-08-10.
> >
> > Please submit your comments to the list, also send a note if you have
> > reviewed the document, so we can see how many people are interested in
> > getting this out.
> 
> I'm an author, so obviously I am interested. Also, the code point is
> allocated so I think we are beyond the point of meassuring "interest" :)
> 
> But it would be good to know if the document has any issues, since we
> can then still fix them. We also have an implementation (libreswan with 
> Linux).
> 
> Note that the IKE negotiation part of labels was pretty straightforward.
> 
> The Linux SElinux labels implementation is not. I will likely write up
> an informational draft about the Linux kernel implementation and usage.

I am not 100% sure, but I think the NFSv4 WG might be interested to hear
about such a document as well.  There was some controversy about one of the
nfsv4 documents and whether it could proceed without some stable definition
of what the linux labels actually mean.

-Ben

v2.23.0 | Report a Bug | By Email