Re: [IPsec] I-D Action: draft-ietf-ipsecme-ddos-protection-06.txt
"Valery Smyslov" <svanru@gmail.com> Sat, 16 April 2016 06:03 UTC
Return-Path: <svanru@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F405B12DFD4 for <ipsec@ietfa.amsl.com>; Fri, 15 Apr 2016 23:03:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.261
X-Spam-Level:
X-Spam-Status: No, score=-2.261 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, STOX_REPLY_TYPE=0.439] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EhxvQS27LUjQ for <ipsec@ietfa.amsl.com>; Fri, 15 Apr 2016 23:03:08 -0700 (PDT)
Received: from mail-lf0-x241.google.com (mail-lf0-x241.google.com [IPv6:2a00:1450:4010:c07::241]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0658612DFD3 for <ipsec@ietf.org>; Fri, 15 Apr 2016 23:03:08 -0700 (PDT)
Received: by mail-lf0-x241.google.com with SMTP id o124so19248480lfb.2 for <ipsec@ietf.org>; Fri, 15 Apr 2016 23:03:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:from:to:references:in-reply-to:subject:date:mime-version :content-transfer-encoding:importance; bh=9FJcrFyx04PyMpzRIMTCY4r4HMa2NwZnQyOWlrVSpqs=; b=Qr7NEQ4ix0aQMl3FsPhN/YkIwZiqEmde24DrB3smNH+7cmrKcoadAj1skMIC9RHbD1 JunkFlfguF5dDJQ4T2ZM5RU/BN9/2e+vzAckXLHKuxit3wGMu996N+HWSCh8DqiJfLKh I8H9o4f7f5ZHVyTcmxpXuYi3XEbebkTYHWF9APdga71+y1Jvi+iXpVMLbdIPh8IA8y3T 6ImVMBCx5TGHqfDH1kJU1SWQSQtdqhQ9rS0EtvHZRz+lV5HjKkazXfJSiLoDkswVntSD 8Omc7l3eKhGhjEpQkvvYJ+pkadWLMh3JragAFUR2OMz3QksmhFfEsoo8HjCyfO8iqOL9 2xXw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:from:to:references:in-reply-to :subject:date:mime-version:content-transfer-encoding:importance; bh=9FJcrFyx04PyMpzRIMTCY4r4HMa2NwZnQyOWlrVSpqs=; b=F9CU35JPty3zga+nFDFoYg6BOE5/PtRqzVAmN0UWjUyCkPqCo1Gu4/mrBDZ0MyETMK ChOPnYgwK7JtbXG3XES6z5fvjxwZyQHLbiV3l/eVvOyj3DpxS8KpLuQEHjTm+rI8YlkG WA07p5bFjteJRL32jnGRSR67LBqTuT+kbGA2BJATCgcwi7J388X9EfTSWPpRZy2s6a5w dpOFei98GKCYv0dWvSHC5Q4R9HYWgCvR8OHFh64MJu3l5ct1qNbtLsjxCeICD5Pe8Dg8 6WXA5HMJzVBl5GyC+MhfPWHI1116GQHB36bnwasDgeU7J0ZhUp7q4TzUqLQrQtFpbcFT dwiw==
X-Gm-Message-State: AOPr4FWOqVFcxoksXIHfmpaWkeP975atRR7339YMlWASUY8XIQEaVISwNM5sYAo7l6K7Lw==
X-Received: by 10.112.254.164 with SMTP id aj4mr10557134lbd.104.1460786586264; Fri, 15 Apr 2016 23:03:06 -0700 (PDT)
Received: from chichi (ppp83-237-47-234.pppoe.mtu-net.ru. [83.237.47.234]) by smtp.gmail.com with ESMTPSA id um4sm8096221lbb.1.2016.04.15.23.03.04 for <ipsec@ietf.org> (version=TLSv1/SSLv3 cipher=OTHER); Fri, 15 Apr 2016 23:03:05 -0700 (PDT)
Message-ID: <F5F8C1341EDB44DBA48447A09CFB94AD@chichi>
From: Valery Smyslov <svanru@gmail.com>
To: IPsecme WG <ipsec@ietf.org>
References: <20160415192315.17538.48595.idtracker@ietfa.amsl.com>
In-Reply-To: <20160415192315.17538.48595.idtracker@ietfa.amsl.com>
Date: Sat, 16 Apr 2016 09:03:00 +0300
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="utf-8"; reply-type="original"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
Importance: Normal
X-Mailer: Microsoft Windows Live Mail 16.4.3528.331
X-MimeOLE: Produced By Microsoft MimeOLE V16.4.3528.331
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipsec/yyGMzHh81XFb32g_bER5flri8YI>
Subject: Re: [IPsec] I-D Action: draft-ietf-ipsecme-ddos-protection-06.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 16 Apr 2016 06:03:10 -0000
Hi, the new version of the draft addresses comments received during WGLC. Those who commented (Paul, Graham, Michael and others), please verify that your concerns are resolved. Regards, Yoav and Valery. -----Original Message----- From: internet-drafts@ietf.org Date: 15 апреля 2016 г. 22:23 To: i-d-announce@ietf.org Cc: ipsec@ietf.org Subject: [IPsec] I-D Action: draft-ietf-ipsecme-ddos-protection-06.txt A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the IP Security Maintenance and Extensions of the IETF. Title : Protecting Internet Key Exchange Protocol version 2 (IKEv2) Implementations from Distributed Denial of Service Attacks Authors : Yoav Nir Valery Smyslov Filename : draft-ietf-ipsecme-ddos-protection-06.txt Pages : 29 Date : 2016-04-15 Abstract: This document recommends implementation and configuration best practices for Internet Key Exchange Protocol version 2 (IKEv2) Responders, to allow them to resist Denial of Service and Distributed Denial of Service attacks. Additionally, the document introduces a new mechanism called "Client Puzzles" that help accomplish this task. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ddos-protection/ There's also a htmlized version available at: https://tools.ietf.org/html/draft-ietf-ipsecme-ddos-protection-06 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-ipsecme-ddos-protection-06 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
- [IPsec] I-D Action: draft-ietf-ipsecme-ddos-prote… internet-drafts
- Re: [IPsec] I-D Action: draft-ietf-ipsecme-ddos-p… Valery Smyslov