Re: [IPsec] I-D Action: draft-ietf-ipsecme-rfc4307bis-15.txt

Paul Wouters <paul@nohats.ca> Thu, 20 October 2016 18:43 UTC

Return-Path: <paul@nohats.ca>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 554951295B1 for <ipsec@ietfa.amsl.com>; Thu, 20 Oct 2016 11:43:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.431
X-Spam-Level:
X-Spam-Status: No, score=-2.431 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.431] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eJwLZML069Dl for <ipsec@ietfa.amsl.com>; Thu, 20 Oct 2016 11:43:49 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [IPv6:2a03:6000:1004:1::68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1230F129584 for <ipsec@ietf.org>; Thu, 20 Oct 2016 11:43:49 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3t0Hl66pjTz39k for <ipsec@ietf.org>; Thu, 20 Oct 2016 20:43:46 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1476989026; bh=IphfMc0tIPXCKQSCGTPA8I0DfYlFT5637cirB98CpV8=; h=Date:From:To:Subject:In-Reply-To:References; b=OSzKl9rrWbM4KP9pW0YdRj29XCSF5cY14WoVUC8Jcn3zhYMJzUzoWfKyOYppn9r+c kCtfh54c/Ur8J4SiI4IpzCyw/RauMCYmpsTlzOTWI03VT947fMoxUXqq89MqqbT9nw T4xXKefq8zoA+lGHZjdDlOF0L8wKwBCQFcSWzqhA=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id g8k8L1b9lZjx for <ipsec@ietf.org>; Thu, 20 Oct 2016 20:43:44 +0200 (CEST)
Received: from bofh.nohats.ca (206-248-139-105.dsl.teksavvy.com [206.248.139.105]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS for <ipsec@ietf.org>; Thu, 20 Oct 2016 20:43:44 +0200 (CEST)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id F35864CA652; Thu, 20 Oct 2016 14:43:41 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.10.3 bofh.nohats.ca F35864CA652
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id DA78040DAA3D for <ipsec@ietf.org>; Thu, 20 Oct 2016 14:43:41 -0400 (EDT)
Date: Thu, 20 Oct 2016 14:43:41 -0400
From: Paul Wouters <paul@nohats.ca>
To: "ipsec@ietf.org WG" <ipsec@ietf.org>
In-Reply-To: <147698886187.18123.8815573364247477008.idtracker@ietfa.amsl.com>
Message-ID: <alpine.LRH.2.20.1610201441300.31889@bofh.nohats.ca>
References: <147698886187.18123.8815573364247477008.idtracker@ietfa.amsl.com>
User-Agent: Alpine 2.20 (LRH 67 2015-01-07)
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/mLn2Es89r4M0In7isyxp1GEeyqo>
Subject: Re: [IPsec] I-D Action: draft-ietf-ipsecme-rfc4307bis-15.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Oct 2016 18:43:50 -0000

On Thu, 20 Oct 2016, internet-drafts@ietf.org wrote:

> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the IP Security Maintenance and Extensions of the IETF.
>
>        Title           : Algorithm Implementation Requirements and Usage Guidance for IKEv2

> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-ipsecme-rfc4307bis-15

The only change in this version is based on discussion on saag and
ipsecme, where there was consensus to change DH Group 22 from SHOULD
NOT to MUST NOT. DH 23 and 24 remain at SHOULD NOT and retain their
warning they will move to MUST NOT in the near future.

Paul