Re: [Secdispatch] Controller-IKE

Yoav Nir <ynir.ietf@gmail.com> Thu, 08 August 2019 05:17 UTC

From: Yoav Nir <ynir.ietf@gmail.com>
Date: Thu, 08 Aug 2019 08:16:58 +0300
To: Michael Richardson <mcr+ietf@sandelman.ca>
CC: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, secdispatch@ietf.org
Message-ID: <c77c95c4-dfe7-4154-9d56-1d64c6e976be@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/L5s3_92lg6Xn5uaqiHFjYMDD_q0>
Subject: Re: [Secdispatch] Controller-IKE

Hi, Michael 

I2NSF did turn down this draft. 

Ultimately it just didn't get enough support for adoption, but one of the arguments against it was that it was a middle ground between the IKE and IKE-less cases.

Sent from my phone


-------- Original Message --------
From: Michael Richardson <mcr+ietf@sandelman.ca>
Sent: Thu Aug 08 05:44:10 GMT+03:00 2019
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, secdispatch@ietf.org
Subject: Re: [Secdispatch] Controller-IKE

On 2019-07-22 10:28 a.m., Kathleen Moriarty wrote:
> Hi David,
> 
> Could you please explain how this is different from the adopted work in 
> I2NSF, 
> https://datatracker.ietf.org/doc/draft-ietf-i2nsf-sdn-ipsec-flow-protection/ ?
> 
> This is referenced in your draft along with one another, but there is no 
> analysis on why they don't fit the need.  The draft in I2NSF pulled in 
> the IPsecMe working group and underwent significant revisions as a 
> result to deal with several initial security issues.  If there's a gap 
> that can be solved with that draft, could that be a way forward or is 
> this needed for some specific reason?  It would be helpful to understand 
> this.

I read David's response.
I'm still unclear if I2NSF turned down this work or what?
Is there a conclusion from secdispatch at this point?
