Re: [IPsec] WG adoptation call for draft-smyslov-ipsecme-ikev2-aux-02

"Valery Smyslov" <smyslov.ietf@gmail.com> Thu, 21 March 2019 11:44 UTC

From: Valery Smyslov <smyslov.ietf@gmail.com>
To: 'Tobias Heider' <heidert@nm.ifi.lmu.de>, 'Tobias Guggemos' <guggemos@nm.ifi.lmu.de>, 'Tero Kivinen' <kivinen@iki.fi>, ipsec@ietf.org
Date: Thu, 21 Mar 2019 14:44:36 +0300
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/gATrMk0QzED2zSP1kSV12JcWqaI>

In that case, isn't the effort of having to explicitly specify every single case actually the
same as if each of these documents would simply specify its own exchange that
takes place between IKE_SA_INIT and IKE_AUTH?
What is the advantage of using INTERMEDIATE then, instead of just rolling your own
solution?

          The advantage is that some common things (like authentication
          of the intermediate exchange, its protection, error handling etc.)
          remain the same. So you don’t need to specify this again
          and you can have a single piece of code for this.

          Note that we don’t have separate exchanges for e.g. deleting SAs,
          reporting errors, liveness checking - it’s a single INFORMATIONAL
          that is used for all these (and many other) purposes.

          Regards,
          Valery


Regards,
Tobias
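
Added example, not part of the original message or of the draft: a sketch of the INFORMATIONAL analogy made in the reply above, in which one parsing path walks the payload chain and only the per-payload meaning differs. It assumes the common work (decrypting and integrity-checking the Encrypted payload) is already done; the function names and the sample bytes are constructed for illustration, while the payload layouts and type numbers follow RFC 7296.

```python
import struct

# Payload type numbers from RFC 7296, section 3.2.
NO_NEXT, NOTIFY, DELETE = 0, 41, 42

def walk_payloads(first_type, data):
    """Yield (type, body) for each payload in a decrypted payload chain."""
    ptype, off = first_type, 0
    while ptype != NO_NEXT:
        if off + 4 > len(data):
            raise ValueError("truncated generic payload header")
        next_type, _flags, length = struct.unpack_from("!BBH", data, off)
        if length < 4 or off + length > len(data):
            raise ValueError("bad payload length")
        yield ptype, data[off + 4:off + length]
        ptype, off = next_type, off + length
    if off != len(data):
        raise ValueError("trailing bytes after last payload")

def classify_informational(first_type, data):
    """Name the purpose(s) served by one INFORMATIONAL message."""
    purposes = []
    for ptype, body in walk_payloads(first_type, data):
        if ptype not in (NOTIFY, DELETE):
            purposes.append(("other", ptype))
            continue
        if len(body) < 4:
            raise ValueError("payload body too short")
        proto, spi_size, value = struct.unpack_from("!BBH", body)
        if ptype == DELETE:
            # value = number of SPIs; the body must hold exactly that many.
            if len(body) != 4 + spi_size * value:
                raise ValueError("Delete payload SPI list length mismatch")
            purposes.append(("delete", proto, value))
        else:
            # value = Notify Message Type; below 16384 is an error type.
            kind = "error" if value < 16384 else "status"
            purposes.append((kind, value))
    # An INFORMATIONAL message with no payloads is the liveness check.
    return purposes or [("liveness",)]

def make_payload(next_type, body):
    """Build one payload (generic header + body) for the constructed samples."""
    return struct.pack("!BBH", next_type, 0, 4 + len(body)) + body

# Constructed sample: Notify INVALID_SYNTAX (7), then Delete of one ESP SPI.
SAMPLE = (make_payload(DELETE, struct.pack("!BBH", 0, 0, 7)) +
          make_payload(NO_NEXT, struct.pack("!BBH", 3, 4, 1) + b"\xde\xad\xbe\xef"))
```
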