Re: [IPsec] I-D Action: draft-ietf-ipsecme-rfc8229bis-07.txt
Valery Smyslov <smyslov.ietf@gmail.com> Fri, 03 June 2022 16:02 UTC
Return-Path: <smyslov.ietf@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 284BFC15AAE3; Fri, 3 Jun 2022 09:02:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BZyT6hcxFhOe; Fri, 3 Jun 2022 09:02:35 -0700 (PDT)
Received: from mail-lf1-x12a.google.com (mail-lf1-x12a.google.com [IPv6:2a00:1450:4864:20::12a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1030FC157B50; Fri, 3 Jun 2022 09:02:35 -0700 (PDT)
Received: by mail-lf1-x12a.google.com with SMTP id h23so13313116lfe.4; Fri, 03 Jun 2022 09:02:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:references:in-reply-to:subject:date:message-id :mime-version:content-transfer-encoding:thread-index :content-language; bh=DA0VxAnh0yFfpZXbQFjVk/XPQHdIF4A0shsYzVl5+Es=; b=D2vjfiE0oaNqXSClIdkJbkHhdFmX8I7aRvr1I5ROy6AfBeFVQ1eeQsrym7pRW2AiiL Nxaf9dHtYotifn+G2APXrTgOVR67xyxka4VgD4Qw8Nsqo13NSucVTfSTGcZ2z2nQk2/t J4gtFmSsie7itWkPaNqYHShETea0S5BzE0x1a5cQMLJmY7Q/vkiw+JdjH5+X44azUNoE MMC/H0b1AJ18816z/mspwtxFcV6q61QU7Q9GWqVVlTDrTmElzLUqOPNFaeloVRhOIWzN 5lduHwDvbNbZjTtDF2IPmg7SSlozDypcC3wwdVnSAzxp0YfNUancWL1BR+THe3rlawRy XBbA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:references:in-reply-to:subject:date :message-id:mime-version:content-transfer-encoding:thread-index :content-language; bh=DA0VxAnh0yFfpZXbQFjVk/XPQHdIF4A0shsYzVl5+Es=; b=AAg3p8eKO3LIr36A5UK1KLNLnrRlDrXp5bfTgwC7vFYrTZDHQ0x0Z9FP2iP5XYVeg6 bfG3Ulj12Yao6rtcWHfJ20346ohUpC8b5c7+OzpZCJgVbuDiqW1x0bu/7E+kjOWIOSDK HJbqDZs+Ea1UGh/PrrmjnNYICjfWxo1BuwL1qCULz+3f9MChA3Zwrvhhsoggflq71ALC YY06T2qCpICMi3DDhqM1cvS/w9fj3XATpfKIBrF3xoJnwNtl0IlmBTtSlf0/t4H96waB X+yGWmu2kg5PNy4Dmzdj39zvITf+V+CswEybwVCB9BGFvQOXaYdN2IzUsISoSrfi+RmF ioig==
X-Gm-Message-State: AOAM532NLKbRMLzzOEKqTvMAdqPi2e3yQpcyH2G4Y57Xo+4Kq2Wbzf1Y V0P15y4Sq5IVv+apqGHOLmXrYuF8Y9o=
X-Google-Smtp-Source: ABdhPJxyF6PkGK8eJBNdsxpSyt7GkDdtSy5EfPhsSIeNtE0blZUIq1RKOOjEep/9fS4n1U4PVhLYcQ==
X-Received: by 2002:ac2:4e88:0:b0:477:c186:6e83 with SMTP id o8-20020ac24e88000000b00477c1866e83mr52912404lfr.663.1654272152228; Fri, 03 Jun 2022 09:02:32 -0700 (PDT)
Received: from buildpc ([93.188.44.204]) by smtp.gmail.com with ESMTPSA id m12-20020a2e710c000000b00253eee43dd7sm1354664ljc.44.2022.06.03.09.02.31 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 03 Jun 2022 09:02:31 -0700 (PDT)
From: Valery Smyslov <smyslov.ietf@gmail.com>
To: ipsec@ietf.org
Cc: secdir@ietf.org, tsv-art@ietf.org, gen-art@ietf.org, Joseph Touch <touch@strayalpha.com>, 'Christian Huitema' <huitema@huitema.net>, 'Reese Enghardt' <ietf@tenghardt.net>
References: <165427134661.3358.1773230986010358694@ietfa.amsl.com>
In-Reply-To: <165427134661.3358.1773230986010358694@ietfa.amsl.com>
Date: Fri, 03 Jun 2022 19:02:24 +0300
Message-ID: <020d01d87763$50f65c20$f2e31460$@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQMSHNcy18MVat4h80cFKim9ornoiarKizgw
Content-Language: ru
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/n0s2td7sKhzE97UIH35GGjJAQJg>
Subject: Re: [IPsec] I-D Action: draft-ietf-ipsecme-rfc8229bis-07.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Jun 2022 16:02:36 -0000
Hi, we published a new version, which should address comments received during IETF LC and directorate reviews. Many thanks for very helpful reviews! Regards, Tommy & Valery. > -----Original Message----- > From: IPsec [mailto:ipsec-bounces@ietf.org] On Behalf Of internet-drafts@ietf.org > Sent: Friday, June 03, 2022 6:49 PM > To: i-d-announce@ietf.org > Cc: ipsec@ietf.org > Subject: [IPsec] I-D Action: draft-ietf-ipsecme-rfc8229bis-07.txt > > > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the IP Security Maintenance and Extensions WG of the IETF. > > Title : TCP Encapsulation of IKE and IPsec Packets > Authors : Tommy Pauly > Valery Smyslov > Filename : draft-ietf-ipsecme-rfc8229bis-07.txt > Pages : 34 > Date : 2022-06-03 > > Abstract: > This document describes a method to transport Internet Key Exchange > Protocol (IKE) and IPsec packets over a TCP connection for traversing > network middleboxes that may block IKE negotiation over UDP. This > method, referred to as "TCP encapsulation", involves sending both IKE > packets for Security Association establishment and Encapsulating > Security Payload (ESP) packets over a TCP connection. This method is > intended to be used as a fallback option when IKE cannot be > negotiated over UDP. > > TCP encapsulation for IKE and IPsec was defined in RFC 8229. This > document updates the specification for TCP encapsulation by including > additional clarifications obtained during implementation and > deployment of this method. This documents obsoletes RFC 8229. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-ipsecme-rfc8229bis/ > > There is also an htmlized version available at: > https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-rfc8229bis-07 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-ipsecme-rfc8229bis-07 > > > Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts > > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec
- Re: [IPsec] I-D Action: draft-ietf-ipsecme-rfc822… Valery Smyslov
- [IPsec] I-D Action: draft-ietf-ipsecme-rfc8229bis… internet-drafts
- Re: [IPsec] [Tsv-art] I-D Action: draft-ietf-ipse… touch@strayalpha.com
- Re: [IPsec] [secdir] [Tsv-art] I-D Action: draft-… Valery Smyslov