Re: [IPsec] AD review of draft-ietf-ipsecme-tcp-encaps

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Tue, 28 March 2017 16:16 UTC


Hi Tommy,

Sorry I dropped the ball.  I can start IETF last call, but since we
are in IETF week, should it be extended a week?

Thanks,
Kathleen

On Sun, Mar 12, 2017 at 3:11 PM, Tommy Pauly <tpauly@apple.com> wrote:
> Hi Kathleen,
>
> I've just posted a new version to fix some minor nits and add a reference
> for the SHA-1 digest used for NAT detection:
> https://www.ietf.org/id/draft-ietf-ipsecme-tcp-encaps-09.txt
>
> From my perspective, I think starting an IETF last call now makes sense.
>
> Thanks!
> Tommy
>
> On Mar 9, 2017, at 10:48 AM, Kathleen Moriarty
> <kathleen.moriarty.ietf@gmail.com> wrote:
>
> On Thu, Mar 9, 2017 at 12:47 PM, Tommy Pauly <tpauly@apple.com> wrote:
>
> Hi Kathleen,
>
> Yes, this is referring to how the existing NAT detection works in IKEv2:
>
> https://tools.ietf.org/html/rfc7296
>
> Section 2.23. NAT Traversal
>
>   o  The data associated with the NAT_DETECTION_SOURCE_IP notification
>      is a SHA-1 digest of the SPIs (in the order they appear in the
>      header), IP address, and port from which this packet was sent.
>
> We can add a pointer to the section of the RFC.
>
>
> Great.  Please let me know when that is done and I can start IETF last
> call.  Does the WG want me to start that right away or to wait until
> after Chicago?  I'm inclined to start it right away and have it on the
> first telechat after.
>
> Thanks,
> Kathleen
>
>
> Thanks,
> Tommy
>
> On Mar 9, 2017, at 9:39 AM, Kathleen Moriarty
> <kathleen.moriarty.ietf@gmail.com> wrote:
>
> Hello,
>
> Thank you for your work on draft-ietf-ipsecme-tcp-encaps.  It's a
> well-written draft and I just have one question.
>
> Section 7: Why is SHA-1 used?  If this is a result of the protocol and
> prior RFCs, please include a reference. And an explanation on list
> would be helpful (pointer is fine if this was already discussed).
>
>
>
> --
>
> Best regards,
> Kathleen
>
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
>
>
>
>
>
> --
>
> Best regards,
> Kathleen
>
>



-- 

Best regards,
Kathleen
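
The NAT_DETECTION_SOURCE_IP digest quoted from RFC 7296 Section 2.23 in the thread above, worked through as an added example (not part of the original messages or of the draft). The SPI values, addresses and ports are constructed, and the function names are hypothetical; the receiver-side comparison follows the same RFC section, which allows several source notifications and treats "none match" as the sender being behind a NAT.

```python
import hashlib
import hmac
import ipaddress
import struct

# Constructed sample values (not taken from the thread).
SPI_I = bytes.fromhex("1122334455667788")   # initiator SPI, 8 octets
SPI_R = bytes(8)                            # responder SPI is zero in the first IKE_SA_INIT


def nat_detection_hash(spi_i: bytes, spi_r: bytes, ip: str, port: int) -> bytes:
    """SHA-1 over SPIs (header order), IP address and port, as quoted above."""
    if len(spi_i) != 8 or len(spi_r) != 8:
        raise ValueError("IKE SPIs are 8 octets each")
    addr = ipaddress.ip_address(ip).packed          # 4 octets for IPv4, 16 for IPv6
    return hashlib.sha1(spi_i + spi_r + addr + struct.pack("!H", port)).digest()


def sender_behind_nat(spi_i, spi_r, observed_ip, observed_port, source_notifies):
    """Receiver check: recompute the digest from the address and port seen in
    the packet's own headers and compare it with every NAT_DETECTION_SOURCE_IP
    payload. The sender is behind a NAT only if none of them match."""
    if not source_notifies:
        raise ValueError("peer sent no NAT_DETECTION_SOURCE_IP payload")
    expected = nat_detection_hash(spi_i, spi_r, observed_ip, observed_port)
    return not any(hmac.compare_digest(expected, n) for n in source_notifies)


if __name__ == "__main__":
    # Initiator computes the payload from its own (private) address and port.
    sent = [nat_detection_hash(SPI_I, SPI_R, "192.0.2.10", 500)]

    # No translation on the path: the responder sees the same address and port.
    print(sender_behind_nat(SPI_I, SPI_R, "192.0.2.10", 500, sent))

    # A NAT rewrote source address and port: the digests no longer match.
    print(sender_behind_nat(SPI_I, SPI_R, "198.51.100.7", 61000, sent))

    # Multi-homed initiator sends one payload per candidate interface;
    # a single match is enough to conclude there is no NAT.
    multi = sent + [nat_detection_hash(SPI_I, SPI_R, "2001:db8::10", 500)]
    print(sender_behind_nat(SPI_I, SPI_R, "2001:db8::10", 500, multi))
```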