Re: [IPsec] WG Last Call: draft-ietf-ipsecme-traffic-visibility-05

[gabriel montenegro <g_e_montenegro@yahoo.com>]

Brian Swander notes that we should be explicit about the IV
which may be present. It may be clear that this is the intention, but I agree that
it is best to be explicit. 

This is what we suggest in light of this:
 
NEW:
   HdrLen, 8 bits: Offset from the beginning of the WESP header to 
   the beginning of the Rest of Payload Data (i.e., past the IV, 
   if present) within the encapsulated ESP header, inoctets. 
Gabriel

>
>From: gabriel montenegro <g_e_montenegro@yahoo.com>
>To: Yoav Nir <ynir@checkpoint.com>; Yaron Sheffer <yaronf@checkpoint.com>; "ipsec@ietf.org" <ipsec@ietf.org>
>Sent: Monday, July 13, 2009 9:05:23 AM
>Subject: Re: [IPsec] WG Last Call: draft-ietf-ipsecme-traffic-visibility-05
>
>
>Hi Yoav,
> 
>Good catch,  we say offset *to* what, but we don’t say *from* where.
> 
>Among the co-authors, we'd like to suggest this as a simple text change to address this:
> 
>OLD:
>   HdrLen, 8 bits: Offset to the beginning of the Payload Data in
>   octets. 
> 
>NEW:
>   HdrLen, 8 bits: Offset from the beginning of the WESP header to 
>   the beginning of the Payload Data within the encapsulated ESP header, in
>   octets. 
> 
> 
>Does this sound ok?
> 
>BTW, in the case of TrailerLen we do say both *from* as well as *to*.
>
>Gabriel
>
>>
>>From: Yoav Nir <ynir@checkpoint.com>
>>To: Yaron Sheffer <yaronf@checkpoint.com>; "ipsec@ietf.org" <ipsec@ietf.org>
>>Sent: Tuesday, July 7, 2009 4:35:19 AM
>>Subject: Re: [IPsec] WG Last Call: draft-ietf-ipsecme-traffic-visibility-05
>>
>>
>>I’ve read it again, and it seems fine.  One minor issue, though.
>> 
>>Section 2 describes the WESP header format. It has the following:
>>   HdrLen, 8 bits: Offset to the beginning of the Payload Data in
>>   octets. The receiver MUST ensure that this field matches with
>>   the header offset computed from using the negotiated SA and MUST
>>   drop the packet in case it doesn't match.
>> 
>>I think I know what they mean, but it’s entirely not clear what this field is supposed to hold.  Is it the size of the existing ESP header?  Is it that + 4?  How about “the combined length of all the ESP fields that precede the “Payload Data” field” in ESP” ?  
>> 
>> 
>> 
>>
________________________________

>>From:ipsec-bounces@ietf.org [mailto:ipsec-bounces@ietf.org] On Behalf Of Yaron Sheffer
>>Sent: Saturday, July 04, 2009 10:48 PM
>>To: ipsec@ietf.org
>>Subject: [IPsec] WG Last Call: draft-ietf-ipsecme-traffic-visibility-05
>> 
>>This is the beginning of a two-week WG Last Call, which will end July 18. The target status for this document is Proposed Standard. The current document is at http://tools.ietf.org/html/draft-ietf-ipsecme-traffic-visibility-05.
>> 
>>If you have not read the document before now, please do so. Having fresh eyes on the document often brings up important issues. If you HAVE read it before, please note that there have been several revisions since San Francisco , so you might want to read it again (plus it’s a short document). Send any comments to the list, even if they are as simple as "I read it and it seems fine".
>> 
>>Please clearly indicate the position of any issue in the Internet Draft, and if possible provide alternative text. Please also indicate the nature or severity of the error or correction, e.g. major technical, minor technical, nit, so that we can quickly judge the extent of problems with the document.
>> 
>>Thanks,
>>            Yaron
>>
>>Email secured by Check Point 
>>
>>