[IPsec] #123: Proposal to remove the IANA tables from IKEv2bis
Tero Kivinen <kivinen@iki.fi> Tue, 24 November 2009 14:17 UTC
Return-Path: <kivinen@iki.fi>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0D7163A67D4 for <ipsec@core3.amsl.com>; Tue, 24 Nov 2009 06:17:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.556
X-Spam-Level:
X-Spam-Status: No, score=-2.556 tagged_above=-999 required=5 tests=[AWL=0.043, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C+XgsC9gLd5o for <ipsec@core3.amsl.com>; Tue, 24 Nov 2009 06:17:18 -0800 (PST)
Received: from mail.kivinen.iki.fi (fireball.acr.fi [83.145.195.1]) by core3.amsl.com (Postfix) with ESMTP id C11283A63C9 for <ipsec@ietf.org>; Tue, 24 Nov 2009 06:17:17 -0800 (PST)
Received: from fireball.kivinen.iki.fi (localhost [127.0.0.1]) by mail.kivinen.iki.fi (8.14.3/8.14.3) with ESMTP id nAOEHCb4003018 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 24 Nov 2009 16:17:12 +0200 (EET)
Received: (from kivinen@localhost) by fireball.kivinen.iki.fi (8.14.3/8.12.11) id nAOEHBCf002630; Tue, 24 Nov 2009 16:17:11 +0200 (EET)
X-Authentication-Warning: fireball.kivinen.iki.fi: kivinen set sender to kivinen@iki.fi using -f
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <19211.60135.834509.954897@fireball.kivinen.iki.fi>
Date: Tue, 24 Nov 2009 16:17:11 +0200
From: Tero Kivinen <kivinen@iki.fi>
To: Paul Hoffman <paul.hoffman@vpnc.org>
In-Reply-To: <p06240847c730db1c447f@[10.20.30.158]>
References: <p06240847c730db1c447f@[10.20.30.158]>
X-Mailer: VM 7.19 under Emacs 21.4.1
X-Edit-Time: 9 min
X-Total-Time: 8 min
Cc: IPsecme WG <ipsec@ietf.org>
Subject: [IPsec] #123: Proposal to remove the IANA tables from IKEv2bis
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Nov 2009 14:17:19 -0000
Paul Hoffman writes: > This has flummoxed a few reviewers. Tables such as those in section > 3.3.2 are already out of date because things have been added since > RFC 4306. I propose that we remove all these tables from IKEv2bis, > and add notes pointing to the current IANA registries. I cannot see > how doing this lookup will hurt developers: in fact, it forces them > to actually look at the up-to-date tables. I can see how we might > want to leave the tables in, but it really is confusing. I would be in favor of removing the tables which are updated frequently, but I think most of the tables should still stay in the IKEv2bis. For example I think IKEv2 exchange types, Next Payload Types, Protocol ID, Transform type values etc should stay, but for example tables like Transform type 1 (Encryption Algorithm) could point to the IANA registry. I.e if table is integral part of the protocol, then it should stay in the IKEv2bis document, but if it is something like listing of crypto algorithm etc, then it can be changed to point to the IANA registry. Mostly that means that if the IANA registry has some other RFC(s) as reference for the values in the registry (ENCR_3DES points ot RFC2451 etc, PRF_HMAC_MD5 points to RFC2104) then it it is useful to put references to the IANA registry. On the other hand if only references in the IANA registry is back to the RFC4306 (or IKEv2bis document in future), then its bit pointless to ask people to go to the iana registry to see that they should read this document they are reading to get more information :-) For examples of such registries are Next Payload Type, Transform Type Values, IKEv2 Transform Attribute Types, IKEv2 Identification Payload ID Types, IKEv2 Certificate Encodings... -- kivinen@iki.fi
- [IPsec] #123: Proposal to remove the IANA tables … Paul Hoffman
- Re: [IPsec] #123: Proposal to remove the IANA tab… Dan McDonald
- Re: [IPsec] #123: Proposal to remove the IANA tab… Paul Hoffman
- Re: [IPsec] #123: Proposal to remove the IANA tab… Dan McDonald
- Re: [IPsec] #123: Proposal to remove the IANA tab… Dan McDonald
- Re: [IPsec] #123: Proposal to remove the IANA tab… Paul Hoffman
- Re: [IPsec] #123: Proposal to remove the IANA tab… Steven Bellovin
- Re: [IPsec] #123: Proposal to remove the IANA tab… Yaron Sheffer
- Re: [IPsec] #123: Proposal to remove the IANA tab… Pasi.Eronen
- [IPsec] #123: Proposal to remove the IANA tables … Tero Kivinen
- Re: [IPsec] #123: Proposal to remove the IANA tab… Paul Hoffman
- Re: [IPsec] #123: Proposal to remove the IANA tab… Yaron Sheffer
- Re: [IPsec] #123: Proposal to remove the IANA tab… Tero Kivinen
- Re: [IPsec] #123: Proposal to remove the IANA tab… Paul Hoffman
- Re: [IPsec] #123: Proposal to remove the IANA tab… Dan McDonald
- Re: [IPsec] #123: Proposal to remove the IANA tab… Tero Kivinen
- Re: [IPsec] #123: Proposal to remove the IANA tab… Paul Hoffman
- Re: [IPsec] #123: Proposal to remove the IANA tab… Yaron Sheffer
- Re: [IPsec] #123: Proposal to remove the IANA tab… Paul Hoffman
- Re: [IPsec] #123: Proposal to remove the IANA tab… Valery Smyslov
- Re: [IPsec] #123: Proposal to remove the IANA tab… Tero Kivinen
- Re: [IPsec] #123: Proposal to remove the IANA tab… Paul Hoffman
- Re: [IPsec] #123: Proposal to remove the IANA tab… Valery Smyslov
- Re: [IPsec] #123: Proposal to remove the IANA tab… Paul Hoffman
- Re: [IPsec] #123: Proposal to remove the IANA tab… Valery Smyslov
- Re: [IPsec] #123: Proposal to remove the IANA tab… Paul Hoffman
- Re: [IPsec] #123: Proposal to remove the IANA tab… Valery Smyslov
- Re: [IPsec] #123: Proposal to remove the IANA tab… Tero Kivinen
- Re: [IPsec] #123: Proposal to remove the IANA tab… Tero Kivinen
- Re: [IPsec] Diffie-Hellman group transform IDs IA… Tero Kivinen
- Re: [IPsec] #123: Proposal to remove the IANA tab… David Wierbowski
- Re: [IPsec] Diffie-Hellman group transform IDs IA… Paul Hoffman
- Re: [IPsec] Diffie-Hellman group transform IDs IA… Dan Harkins
- Re: [IPsec] Diffie-Hellman group transform IDs IA… Tero Kivinen
- Re: [IPsec] Diffie-Hellman group transform IDs IA… Paul Hoffman
- Re: [IPsec] #123: Proposal to remove the IANA tab… Pasi.Eronen