Re: [IPsec] [I2nsf] I-D Action: draft-ietf-i2nsf-sdn-ipsec-flow-protection-05.txt

Rafa Marin-Lopez <rafa@um.es> Mon, 22 July 2019 15:11 UTC

From: Rafa Marin-Lopez <rafa@um.es>
In-Reply-To: <23861.52657.34874.178244@fireball.acr.fi>
Date: Mon, 22 Jul 2019 17:11:27 +0200
Cc: Rafa Marin-Lopez <rafa@um.es>, i2nsf@ietf.org, "ipsec@ietf.org WG" <ipsec@ietf.org>, fernando.pereniguez@cud.upct.es, mbj@tail-f.com, Gabriel Lopez <gabilm@um.es>
Message-Id: <FDF0A4CC-7898-4711-8193-C8D519DD9B34@um.es>
References: <156253524318.473.14686910090362577746@ietfa.amsl.com> <4E36A715-3B6C-4BDF-A149-9E10574E3F96@um.es> <23861.52657.34874.178244@fireball.acr.fi>
To: Tero Kivinen <kivinen@iki.fi>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/xtb24FYRRMSthpFMuHH1GKXJ-Hc>
Subject: Re: [IPsec] [I2nsf] I-D Action: draft-ietf-i2nsf-sdn-ipsec-flow-protection-05.txt

Hi Tero:


> On 22 Jul 2019, at 16:52, Tero Kivinen <kivinen@iki.fi> wrote:
> 
> Rafa Marin-Lopez writes:
>> We submitted a new version of the I-D (v05) where we have applied several
>> changes. In the following you have a summary of the main changes, which we
>> will expand/explain during our presentation: 
> 
> I put that on my to-read queue. Cannot promise when I have time
> to read it.

Thanks.
> 
>> - In order to specify the crypto-algorithms we have used a simple approach by
>> including an integer and adding a text pointing the IANA in the reference
>> clause. For example:
>> 
>> typedef encryption-algorithm-type {
>>           type uint32;
>>           description 
>>               "The encryption algorithm is specified with a 32-bit
> 
> Is there specific reason why the size of the registry does not match
> the yang definition? The IANA registry is 16-bit and the SA payloads
> in the IKEv2 only have space for Transform ID used to carry this
> information over.
> 
> So why is this text using uint32 and 32-bit numbers? What happens if
> someone puts number 0x00010000 there which cannot be transported over
> IKEv2? 

Completely true. It must be a uint16. We will change it.

> -- 
> kivinen@iki.fi
> 
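
The width mismatch discussed above, as an added example (not code from the draft or from either poster): it encodes an IKEv2 Transform substructure as laid out in RFC 7296 section 3.3.2 and rejects an identifier that does not fit the 16-bit Transform ID field. The function names and the masking "careless encoder" are hypothetical, included only to show why a range check is preferable to silent truncation.

```python
import struct

TRANSFORM_TYPE_ENCR = 1      # RFC 7296: Transform Type 1 = Encryption Algorithm
ATTR_KEY_LENGTH = 14         # RFC 7296: Key Length attribute type
MAX_TRANSFORM_ID = 0xFFFF    # the Transform ID field is 16 bits wide


def check_transform_id(value):
    """Return value if it fits the 16-bit Transform ID field, else raise."""
    if isinstance(value, bool) or not isinstance(value, int):
        raise TypeError("Transform ID must be an integer")
    if not 0 <= value <= MAX_TRANSFORM_ID:
        raise ValueError(f"Transform ID {value:#x} does not fit in 16 bits")
    return value


def encode_transform(transform_type, transform_id, key_bits=None, last=True):
    """Build one Transform substructure (8-byte header plus attributes)."""
    transform_id = check_transform_id(transform_id)
    attrs = b""
    if key_bits is not None:
        # Fixed-length (TV) attribute: AF bit set, 2-byte type, 2-byte value.
        attrs = struct.pack("!HH", 0x8000 | ATTR_KEY_LENGTH, key_bits)
    header = struct.pack(
        "!BBHBBH",
        0 if last else 3,    # Last Substruc: 0 = last, 3 = more follow
        0,                   # RESERVED
        8 + len(attrs),      # Transform Length
        transform_type,
        0,                   # RESERVED
        transform_id,
    )
    return header + attrs


def decode_transform_id(blob):
    """Read the 16-bit Transform ID back out of an encoded substructure."""
    return struct.unpack_from("!H", blob, 6)[0]


def naive_truncate(value):
    """Hypothetical careless encoder: masks a 32-bit value down to 16 bits."""
    return value & 0xFFFF


if __name__ == "__main__":
    # Constructed sample values: 12 is ENCR_AES_CBC in the IANA registry.
    print(encode_transform(TRANSFORM_TYPE_ENCR, 12, key_bits=128).hex())
    print(naive_truncate(0x00010000), naive_truncate(0x0001000C))
```

With masking, 0x00010000 would go on the wire as 0 and 0x0001000C as 12, so a value accepted by a uint32 data model could be negotiated as a different algorithm than the one configured.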