Re: [IPsec] [secdir] [Tsv-art] I-D Action: draft-ietf-ipsecme-rfc8229bis-07.txt
Valery Smyslov <valery@smyslov.net> Sun, 05 June 2022 05:27 UTC
Return-Path: <valery@smyslov.net>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5691CC14CF13; Sat, 4 Jun 2022 22:27:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.108
X-Spam-Level:
X-Spam-Status: No, score=-7.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=smyslov.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qalV9rM0DbyN; Sat, 4 Jun 2022 22:27:34 -0700 (PDT)
Received: from direct.host-care.com (direct.host-care.com [198.136.54.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B0580C14F72A; Sat, 4 Jun 2022 22:27:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=smyslov.net ; s=default; h=Content-Type:MIME-Version:Message-ID:Date:Subject:In-Reply-To: References:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=i3xrfLai9g4hROYQEcwbcqcakzZX9ivgiuhRcAEBwuk=; b=WhCUiougB7MxHZUtn5vZY9V4t4 gkCicm2x72BPhoUQ+ESPGXbSMoh+Ms4bYx2xX+G0JaSF988kO/uBPuxbOux/LT8pAKSV4DvyonAmo SM2qyl65XgqT3B8p8Vz4KpQ1YC6cShMzynir+TXjleHfYFH6PcBLx/SFDQQQbHHb0IUwznfc2hTlO TUsWAFCZ9zXwzJYIb7s4m82DBVCVxjIVHNynC+v1+mULtVy3LRP88/GEF1Dxhv+5HztRxMtWrsw2H dznFVL/jBds5b3iufvSxKp7QtIjiSXmhmS+bKTu1/UVZaJgLRdD8JQtwQM4nXFEweHKg7a4gF3gv7 ttpaXGnQ==;
Received: from 89-179-107-27.broadband.corbina.ru ([89.179.107.27]:7200 helo=chichi) by direct.host-care.com with esmtpsa (TLS1.2) tls TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from <valery@smyslov.net>) id 1nxinB-0003gN-FC; Sun, 05 Jun 2022 01:27:14 -0400
From: Valery Smyslov <valery@smyslov.net>
To: touch@strayalpha.com, 'Valery Smyslov' <smyslov.ietf@gmail.com>
Cc: secdir@ietf.org, gen-art@ietf.org, ipsec@ietf.org, 'Reese Enghardt' <ietf@tenghardt.net>, 'tsv-art' <tsv-art@ietf.org>
References: <165427134661.3358.1773230986010358694@ietfa.amsl.com> <020d01d87763$50f65c20$f2e31460$@gmail.com> <3925A5FF-90B1-415D-BDBD-F31DC27C072E@strayalpha.com>
In-Reply-To: <3925A5FF-90B1-415D-BDBD-F31DC27C072E@strayalpha.com>
Date: Sun, 05 Jun 2022 08:27:10 +0300
Message-ID: <000c01d8789c$e9d150f0$bd73f2d0$@smyslov.net>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_000D_01D878B6.0F253FB0"
X-Mailer: Microsoft Outlook 14.0
Content-Language: ru
Thread-Index: AQMSHNcy18MVat4h80cFKim9ornoiQGLDXQ7AmVKQYqqrXz/kA==
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - direct.host-care.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - smyslov.net
X-Get-Message-Sender-Via: direct.host-care.com: authenticated_id: valery@smyslov.net
X-Authenticated-Sender: direct.host-care.com: valery@smyslov.net
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/ezRZ1qCrof2YZp_isI80HF6Og5Q>
Subject: Re: [IPsec] [secdir] [Tsv-art] I-D Action: draft-ietf-ipsecme-rfc8229bis-07.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Jun 2022 05:27:39 -0000
Hi Joe, From: secdir [mailto:secdir-bounces@ietf.org] On Behalf Of touch@strayalpha.com Sent: Saturday, June 04, 2022 3:48 AM To: Valery Smyslov Cc: secdir@ietf.org; gen-art@ietf.org; ipsec@ietf.org; Reese Enghardt; tsv-art Subject: Re: [secdir] [Tsv-art] [IPsec] I-D Action: draft-ietf-ipsecme-rfc8229bis-07.txt This looks good, though I might suggest adding the update to security considerations to the document change summary in Sec 1.1. Good point, will do. Thank you, Valery. Joe — Dr. Joe Touch, temporal epistemologist www.strayalpha.com On Jun 3, 2022, at 9:02 AM, Valery Smyslov <smyslov.ietf@gmail.com> wrote: Hi, we published a new version, which should address comments received during IETF LC and directorate reviews. Many thanks for very helpful reviews! Regards, Tommy & Valery. -----Original Message----- From: IPsec [mailto:ipsec-bounces@ietf.org] On Behalf Of internet-drafts@ietf.org Sent: Friday, June 03, 2022 6:49 PM To: i-d-announce@ietf.org Cc: ipsec@ietf.org Subject: [IPsec] I-D Action: draft-ietf-ipsecme-rfc8229bis-07.txt A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the IP Security Maintenance and Extensions WG of the IETF. Title : TCP Encapsulation of IKE and IPsec Packets Authors : Tommy Pauly Valery Smyslov Filename : draft-ietf-ipsecme-rfc8229bis-07.txt Pages : 34 Date : 2022-06-03 Abstract: This document describes a method to transport Internet Key Exchange Protocol (IKE) and IPsec packets over a TCP connection for traversing network middleboxes that may block IKE negotiation over UDP. This method, referred to as "TCP encapsulation", involves sending both IKE packets for Security Association establishment and Encapsulating Security Payload (ESP) packets over a TCP connection. This method is intended to be used as a fallback option when IKE cannot be negotiated over UDP. TCP encapsulation for IKE and IPsec was defined in RFC 8229. This document updates the specification for TCP encapsulation by including additional clarifications obtained during implementation and deployment of this method. This documents obsoletes RFC 8229. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-ipsecme-rfc8229bis/ There is also an htmlized version available at: https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-rfc8229bis-07 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-ipsecme-rfc8229bis-07 Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ Tsv-art mailing list Tsv-art@ietf.org https://www.ietf.org/mailman/listinfo/tsv-art
- Re: [IPsec] I-D Action: draft-ietf-ipsecme-rfc822… Valery Smyslov
- [IPsec] I-D Action: draft-ietf-ipsecme-rfc8229bis… internet-drafts
- Re: [IPsec] [Tsv-art] I-D Action: draft-ietf-ipse… touch@strayalpha.com
- Re: [IPsec] [secdir] [Tsv-art] I-D Action: draft-… Valery Smyslov