On Wed, May 11, 2022 at 4:48 PM Robert Moskowitz <rgm-...@htt-consult.com> wrote:
> Continuing at sec 6.1:
>
> Skipping 6.2 for now, as it will not be used for current use case (I
> realize I may have one for Manned Aircraft).
>
> Good til 7.2, then skipping 7.2 and 7.3 for now.
>
> I like 7.4 in that UDP gets compressed to zero bytes. And the way you
> have constructed diet-esp to include transport, a separate SCHC rule for
> transport is not needed. Now if the payload is CoAP, then things will
> be different. Per the rfc 8824.
>
> Skip 7.5 and 7.6
>
> Sec 11:
>
> Security Parameter Index (SPI):
> Until Diet-ESP is not deployed outside the scope of IoT and small
> devices,
>
> r/ not / /
>
> changed
> ?
>
> What is that not doing there?
>
> Sequence Number (SN): If incremented for each ESP packet, the SN may
> leak some information like the amount of transmitted data or the
> age of the sensor.
>
> If 2 bytes of SN are sent using a counter, there is little to no leakage
> of sensor age.
>
> If little traffic from sensor then only 1 byte may be better for this
> purpose.
>
> I just don't see this as a risk if care is taken. You may want to say
> this.
>
> I added a sentence in the security consideration. Thanks for the suggestion.
> Finally where is the open source code available?
>
> You need a UDP app in transport mode example in App 1. :)
>
> If you get this draft active, I will work on providing that example. ;)
>
> sure, I will publish an updated version very soon.
>
> thanks.
>
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
>

--
Daniel Migault
Ericsson