[IPsec] IESG DISCUSS re: IKEv2-bis and RFC 4307

Yaron Sheffer <yaronf.ietf@gmail.com> Sat, 08 May 2010 20:55 UTC

Hi everyone,

There is a DISCUSS position from an IESG member on the ikev2bis document 
that says:

>The Gen-ART Review by Elwyn Davies on 4 May 2010 raised a question
>that deserves consideration.  Elwyn said:
>>
>> s3.3.4: The draft states that the list of mandatory to implement
>> suites has been removed due to evolution going too fast.  However
>> there are effectively some mandatory to implement suites; they are
>> listed in other documents.  There should be a way of finding them
>> so that users and implementers can find them easily.
>>
>Inclusion of an informative reference seems reasonable.  There could be
>a warning that the algorithm document is likely to be updated without
>a corresponding update to the protocol.  The RFC index will tell the
>community when the algorithm document is revised.

The previous WG chose not to put any reference to RFC 4307 into RFC 
4306, so this would be a change. Having said that, adding a reference is 
not much of a change. Proposed wording for 3.3.4 would be:

CURRENT:
    The specification of suites that MUST and SHOULD be supported for
    interoperability has been removed from this document because they are
    likely to change more rapidly than this document evolves.

PROPOSED:
    The specification of suites that MUST and SHOULD be supported for
    interoperability is not included in this document because they are
    likely to change more rapidly than this document evolves. At
    the time of publication of this document, [RFC 4307] specifies
    these suites, but note that it might be updated in the future, and
    other RFCs might specify different sets of suites.

RFC 4307 would be listed as a normative reference.

Please note that we are going one better than Elwyn's comment, in adding 
4307 as a normative, rather than informational, reference. Is there any 
objection in the WG to this change?

Thanks,
	Yaron