[storm] Storm WG draft status - October 21 + Two IPsec items
"Black, David" <david.black@emc.com> Mon, 21 October 2013 21:25 UTC
Return-Path: <david.black@emc.com>
X-Original-To: storm@ietfa.amsl.com
Delivered-To: storm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CC22D11E8705 for <storm@ietfa.amsl.com>; Mon, 21 Oct 2013 14:25:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SaDyD8-VlE6k for <storm@ietfa.amsl.com>; Mon, 21 Oct 2013 14:24:59 -0700 (PDT)
Received: from mailuogwhop.emc.com (mailuogwhop.emc.com [168.159.213.141]) by ietfa.amsl.com (Postfix) with ESMTP id 3963D11E86AF for <storm@ietf.org>; Mon, 21 Oct 2013 14:24:46 -0700 (PDT)
Received: from maildlpprd01.lss.emc.com (maildlpprd01.lss.emc.com [10.253.24.33]) by mailuogwprd04.lss.emc.com (Sentrion-MTA-4.3.0/Sentrion-MTA-4.3.0) with ESMTP id r9LLOiqN031963 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <storm@ietf.org>; Mon, 21 Oct 2013 17:24:45 -0400
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd04.lss.emc.com r9LLOiqN031963
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=emc.com; s=jan2013; t=1382390685; bh=g1RbMYN2hptYOMzDW2HYB83VC74=; h=From:To:Date:Subject:Message-ID:Content-Type: Content-Transfer-Encoding:MIME-Version; b=p5sK0we8bNnV5JmGLK1DdBA12SDUJBqSi9mtZv8snrYcpqJG1ECOmGCVu1oRjLsFZ 1hFk3XP1+/OQ9Ql3Sk8BhIHwxu1HNQU/K85iYikk1rFzqnUHLTX/LBoff6RgP78pS5 JgifffX5CU+aryx94i12E7/GHwW6AtRQYc4CuwH8=
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd04.lss.emc.com r9LLOiqN031963
Received: from mailusrhubprd02.lss.emc.com (mailusrhubprd02.lss.emc.com [10.253.24.20]) by maildlpprd01.lss.emc.com (RSA Interceptor) for <storm@ietf.org>; Mon, 21 Oct 2013 17:24:27 -0400
Received: from mxhub39.corp.emc.com (mxhub39.corp.emc.com [128.222.70.106]) by mailusrhubprd02.lss.emc.com (Sentrion-MTA-4.3.0/Sentrion-MTA-4.3.0) with ESMTP id r9LLOQCS014336 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL) for <storm@ietf.org>; Mon, 21 Oct 2013 17:24:26 -0400
Received: from mx15a.corp.emc.com ([169.254.1.46]) by mxhub39.corp.emc.com ([128.222.70.106]) with mapi; Mon, 21 Oct 2013 17:24:26 -0400
From: "Black, David" <david.black@emc.com>
To: "storm@ietf.org" <storm@ietf.org>
Importance: high
X-Priority: 1
Date: Mon, 21 Oct 2013 17:24:25 -0400
Thread-Topic: Storm WG draft status - October 21 + Two IPsec items
Thread-Index: Ac7Oo+qe9cjxBeGHTACBSzR+8hrHYg==
Message-ID: <8D3D17ACE214DC429325B2B98F3AE712025DDDBE9A@MX15A.corp.emc.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Sentrion-Hostname: mailusrhubprd02.lss.emc.com
X-RSA-Classifications: DLM_1, public
Subject: [storm] Storm WG draft status - October 21 + Two IPsec items
X-BeenThere: storm@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Storage Maintenance WG <storm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/storm>, <mailto:storm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/storm>
List-Post: <mailto:storm@ietf.org>
List-Help: <mailto:storm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/storm>, <mailto:storm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Oct 2013 21:25:05 -0000
With all the expected drafts submitted that are expected before the Vancouver meeting week, here's the status update: 1) iSCSI consolidated draft. Done and in the RFC Editor's Queue! 2) iSCSI SAM (new features) draft. The -09 version has been approved by the IESG, so the text is fine, but there's a procedural wrinkle to work through. Section 4.2 of this draft (about SCSI version descriptors for iSCSI) depends on some changes that need to be made at T10 (SCSI standards body), and those T10 change requires that the IANA actions for this draft be performed. The expected path forward is to have IANA perform their actions, make the changes at T10 (which may make it into SPC-4), and then send the draft to the RFC Editor; as a result the actual approval announcement will be delayed. 3) iSCSI MIB draft. Done and in the RFC Editor's Queue! 4) iSER draft. Done, and in the RFC Editor's Queue! 5) RFC 3723 IPsec requirements update draft. The -04 version that was just posted should suffice to clear the one IESG Discuss position on this draft - the delay in getting this version done is my [lack of :-( ] doing in order to cope with things at my day job. There are two technical changes that have been made in this new version, for which time will be allowed for WG review - details below. 6) RDMA Extensions draft. The -08 version that was just posted should take care of all of the comments from WG Last Call, and hence should be ready to submit to our AD and the IESG with the initial request for publication as an RFC. -- Two IPsec items -- Two technical changes were made to the IPsec update draft, and these will also need to be made to the consolidated iSCSI draft, as they affect the IPsec security considerations text there: (A) OCSP is now allowed for checking certificates in addition to use of CRLs. (B) Extended sequence numbers (ESNs) are now required for ESPv2 (IPsec v2 - RFC 2406) in addition to ESPv3 (IPsec v3 - RFC 4303). The first change to allow OCSP, is a straightforward update to the current state of PKI certificate technology and usage. The second change was the original intention for iSCSI use of IPsec (which is where all of this started) and got dropped when yours truly overlooked the existence of RFC 4304, which defines IKEv1 support for negotiating ESN usage. One of the security ADs pointed out the existence of RFC 4304 and suggested this change, which makes a lot of sense, IMHO. I believe ESN support to be widely available in IPsec v2 implementations. If anyone cares about either of these, please comment - absence of comment will be taken as absence of objection. Please feel free to send questions to the list or directly to me. Finally, there should be an update later this week on the planned RDMA/IP "Mini-BOF" that will be held at the storm WG meeting in Vancouver - Thursday, November 7, 1300-1500 (1p-3p). See you in Vancouver! Thanks, --David (storm WG co-chair) ---------------------------------------------------- David L. Black, Distinguished Engineer EMC Corporation, 176 South St., Hopkinton, MA 01748 +1 (508) 293-7953 FAX: +1 (508) 293-7786 david.black@emc.com Mobile: +1 (978) 394-7754 ----------------------------------------------------
- [storm] Storm WG draft status - October 21 + Two … Black, David