Return-Path: <ynir@checkpoint.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix)
 with ESMTP id 3EFAF21F8A0C for <ipsec@ietfa.amsl.com>;
 Wed, 13 Mar 2013 16:39:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.582
X-Spam-Level: 
X-Spam-Status: No, score=-10.582 tagged_above=-999 required=5 tests=[AWL=0.017,
 BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com
 [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UO3SPUWEWnOF for
 <ipsec@ietfa.amsl.com>; Wed, 13 Mar 2013 16:39:40 -0700 (PDT)
Received: from smtp.checkpoint.com (smtp.checkpoint.com [194.29.34.68]) by
 ietfa.amsl.com (Postfix) with ESMTP id 1BFCB21F8A08 for <ipsec@ietf.org>;
 Wed, 13 Mar 2013 16:39:39 -0700 (PDT)
Received: from DAG-EX10.ad.checkpoint.com ([194.29.34.150]) by
 smtp.checkpoint.com (8.13.8/8.13.8) with ESMTP id r2DNdZPu004242;
 Thu, 14 Mar 2013 01:39:35 +0200
X-CheckPoint: {51410D63-0-1B221DC2-2FFFF}
Received: from IL-EX10.ad.checkpoint.com ([169.254.2.54]) by
 DAG-EX10.ad.checkpoint.com ([169.254.3.95]) with mapi id 14.02.0342.003;
 Thu, 14 Mar 2013 01:39:35 +0200
From: Yoav Nir <ynir@checkpoint.com>
To: Paul Wouters <paul@nohats.ca>
Thread-Topic: [IPsec] IKE fragmentation
Thread-Index: AQHOH/pQdHmEPMd7P0SMbddmnpEj3pijlQIAgACRiAA=
Date: Wed, 13 Mar 2013 23:39:34 +0000
Message-ID: <F31FED83-E80E-49CD-B683-32EB23021EEF@checkpoint.com>
References: <20799.34490.611737.922474@fireball.kivinen.iki.fi>
 <294A12724CB849D2A33F7F80CC82426A@buildpc>
 <alpine.LFD.2.03.1303130941040.27437@nohats.ca>
 <4C4F5DE0838E4DCFBAE31A02D7ED5D33@buildpc>
 <alpine.LFD.2.03.1303131036300.27437@nohats.ca>
 <BC5E4CA618BE4508859830CAA8D6A337@buildpc>
 <alpine.LFD.2.03.1303131057440.27437@nohats.ca>
In-Reply-To: <alpine.LFD.2.03.1303131057440.27437@nohats.ca>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [172.31.20.156]
x-kse-antivirus-interceptor-info: scan successful
x-kse-antivirus-info: Clean
Content-Type: text/plain; charset="us-ascii"
Content-ID: <EA09BA04D9C5F1478AED03BED261A81D@ad.checkpoint.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "<ipsec@ietf.org>" <ipsec@ietf.org>, Valery Smyslov <svanru@gmail.com>,
 Tero Kivinen <kivinen@iki.fi>
Subject: Re: [IPsec] IKE fragmentation
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>,
 <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>,
 <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2013 23:39:41 -0000

On Mar 13, 2013, at 10:58 AM, Paul Wouters <paul@nohats.ca> wrote:

> On Wed, 13 Mar 2013, Valery Smyslov wrote:
>=20
>> Or are you talking about the fictional IETF document (not yet written)
>> describing existing IKEv1 fragmentation? Probably it is better that
>> the authors of that solution document it.
>=20
> I don't think any IKEv1 documents will ever be written again? :)

I think that if we make this a working group document, we should add an App=
endix that will be informational and describe what people are doing for IKE=
v1, including the VendorID and the payload identifier "appropriated" for fr=
agments.

When I implemented this I used the source of Wireshark to figure out how th=
e protocol worked. Pretty poor reverse engineering, but it produced somethi=
ng that interoperates.

Yoav=