Re: [IPsec] [Tsv-art] I-D Action: draft-ietf-ipsecme-rfc8229bis-07.txt
"touch@strayalpha.com" <touch@strayalpha.com> Sat, 04 June 2022 00:48 UTC
Return-Path: <touch@strayalpha.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 598E9C14F740; Fri, 3 Jun 2022 17:48:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.328
X-Spam-Level:
X-Spam-Status: No, score=-6.328 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p1zpr8ZG5kng; Fri, 3 Jun 2022 17:48:02 -0700 (PDT)
Received: from server217-1.web-hosting.com (server217-1.web-hosting.com [198.54.114.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0FA4DC14F73E; Fri, 3 Jun 2022 17:48:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=To:References:Message-Id:Cc:Date:In-Reply-To: From:Subject:Mime-Version:Content-Type:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=ewUhrNIirT4Gqd2BUv6CagC7o5A5xRMrPah8IqJhm8g=; b=tfRUYV0L8twWeOYUKvFfS8Lbo2 /rOJydy65KEjranZjIed9pghelqy8YAtMd5ShKuKcLgbNjO1egLAR9yG7zd5qoVF9dMGRq/rf8XJj MX75Uo1ba8LbDTwtVBdOShG0u4iY9Ytd5JENDBQWkF7TZHTT7PuWCDLx4/z0OBtldcjf4gZYlFiyY I3u24aWSE1p1cQs25IQ/JtvcMZm14vww+C2zB9hLcy74bA/LBK49WpETywLNz0Bh6NcxVCrezNglp jINcwThCXc9tHstVvNxLw+16F6235iPPhOWJvrYWgXohtHr+VanJLeOyYCNIpkpRDCEyxyWdpoH14 MpuQYoyw==;
Received: from cpe-172-114-237-88.socal.res.rr.com ([172.114.237.88]:58878 helo=smtpclient.apple) by server217.web-hosting.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from <touch@strayalpha.com>) id 1nxHxN-00HGGo-7M; Fri, 03 Jun 2022 20:48:01 -0400
Content-Type: multipart/alternative; boundary="Apple-Mail=_FFF07A90-3CD4-4C30-AF50-29C1974D7339"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.100.31\))
From: "touch@strayalpha.com" <touch@strayalpha.com>
In-Reply-To: <020d01d87763$50f65c20$f2e31460$@gmail.com>
Date: Fri, 03 Jun 2022 17:47:55 -0700
Cc: ipsec@ietf.org, secdir@ietf.org, tsv-art <tsv-art@ietf.org>, gen-art@ietf.org, Christian Huitema <huitema@huitema.net>, Reese Enghardt <ietf@tenghardt.net>
Message-Id: <3925A5FF-90B1-415D-BDBD-F31DC27C072E@strayalpha.com>
References: <165427134661.3358.1773230986010358694@ietfa.amsl.com> <020d01d87763$50f65c20$f2e31460$@gmail.com>
To: Valery Smyslov <smyslov.ietf@gmail.com>
X-Mailer: Apple Mail (2.3696.100.31)
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/QZP9wyKmPb2Xm2cRnpyPBEoTVuk>
Subject: Re: [IPsec] [Tsv-art] I-D Action: draft-ietf-ipsecme-rfc8229bis-07.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 Jun 2022 00:48:06 -0000
This looks good, though I might suggest adding the update to security considerations to the document change summary in Sec 1.1. Joe — Dr. Joe Touch, temporal epistemologist www.strayalpha.com > On Jun 3, 2022, at 9:02 AM, Valery Smyslov <smyslov.ietf@gmail.com> wrote: > > Hi, > > we published a new version, which should address comments > received during IETF LC and directorate reviews. > > Many thanks for very helpful reviews! > > Regards, > Tommy & Valery. > >> -----Original Message----- >> From: IPsec [mailto:ipsec-bounces@ietf.org] On Behalf Of internet-drafts@ietf.org >> Sent: Friday, June 03, 2022 6:49 PM >> To: i-d-announce@ietf.org >> Cc: ipsec@ietf.org >> Subject: [IPsec] I-D Action: draft-ietf-ipsecme-rfc8229bis-07.txt >> >> >> A New Internet-Draft is available from the on-line Internet-Drafts directories. >> This draft is a work item of the IP Security Maintenance and Extensions WG of the IETF. >> >> Title : TCP Encapsulation of IKE and IPsec Packets >> Authors : Tommy Pauly >> Valery Smyslov >> Filename : draft-ietf-ipsecme-rfc8229bis-07.txt >> Pages : 34 >> Date : 2022-06-03 >> >> Abstract: >> This document describes a method to transport Internet Key Exchange >> Protocol (IKE) and IPsec packets over a TCP connection for traversing >> network middleboxes that may block IKE negotiation over UDP. This >> method, referred to as "TCP encapsulation", involves sending both IKE >> packets for Security Association establishment and Encapsulating >> Security Payload (ESP) packets over a TCP connection. This method is >> intended to be used as a fallback option when IKE cannot be >> negotiated over UDP. >> >> TCP encapsulation for IKE and IPsec was defined in RFC 8229. This >> document updates the specification for TCP encapsulation by including >> additional clarifications obtained during implementation and >> deployment of this method. This documents obsoletes RFC 8229. >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-ietf-ipsecme-rfc8229bis/ >> >> There is also an htmlized version available at: >> https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-rfc8229bis-07 >> >> A diff from the previous version is available at: >> https://www.ietf.org/rfcdiff?url2=draft-ietf-ipsecme-rfc8229bis-07 >> >> >> Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts >> >> >> _______________________________________________ >> IPsec mailing list >> IPsec@ietf.org >> https://www.ietf.org/mailman/listinfo/ipsec > > _______________________________________________ > Tsv-art mailing list > Tsv-art@ietf.org > https://www.ietf.org/mailman/listinfo/tsv-art
- Re: [IPsec] I-D Action: draft-ietf-ipsecme-rfc822… Valery Smyslov
- [IPsec] I-D Action: draft-ietf-ipsecme-rfc8229bis… internet-drafts
- Re: [IPsec] [Tsv-art] I-D Action: draft-ietf-ipse… touch@strayalpha.com
- Re: [IPsec] [secdir] [Tsv-art] I-D Action: draft-… Valery Smyslov