[IPsec] Gen-ART review of draft-ietf-ipsecme-roadmap-08

2010-07-11 Thread david.black
I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq . Please resolve these comments along with any other comments you may receive. Summary: This draft is on the right track, but has open issu

[IPsec] I-D Action:draft-ietf-ipsecme-roadmap-08.txt

2010-07-11 Thread Internet-Drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the IP Security Maintenance and Extensions Working Group of the IETF. Title : IP Security (IPsec) and Internet Key Exchange (IKE) Document Roadmap Author(s)

Re: [IPsec] Roadmap -07: two minor and one major comments

2010-07-11 Thread Frankel, Sheila E.
We just submitted version -08 of the Roadmap doc. As Yaron requested, we changed the reference in section 5.2.4 and eliminated Appendix A. We left RFC 4359 in the doc, since some (but not all) of the msec RFCs were deleted, but we felt this one should remain. (It's not one of the RFCs that Pasi

Re: [IPsec] DPD in IKEv2

2010-07-11 Thread Toby Mao
Hi Yoav: Thanks for your explanation. So, if we want to check liveliness, an Informational request message without payloads will be send and an Informational response message without payloads can prove the peer's liveliness. Best Toby On Sun, Jul 11, 2010 at 6:27 PM, Yoav Nir wr

[IPsec] Fwd: New Version Notification for draft-seokung-ipsecme-seed-ipsec-modes-00

2010-07-11 Thread Seokung Yoon
Dear all, I submitted a new draft regarding SEED-IPsec. This is for updating the existing RFC (RFC4196). Any comments would be appreciated. BR, Seokung -- Forwarded message -- From: IETF I-D Submission Tool Date: 2010/7/4 Subject: New Version Notification for draft-seokung-i

Re: [IPsec] HA design team started

2010-07-11 Thread Raj Singh
Hi Group, We would like to present the HA design team's output for IPsec Cluster Solution Draft before Maastricht meeting as http://tools.ietf.org/id/draft-kagarigi-ipsecme-ikev2-windowsync-03.txt This draft solves the main issues of IPsec Cluster Problem Statement draft using a simple IKEv2 prot

Re: [IPsec] DPD in IKEv2

2010-07-11 Thread Yoav Nir
Hi. Liveness check in IKEv2 is very much like any other INFORMATIONAL exchange. Here's what the introduction says about this. An INFORMATIONAL request with no payloads (other than the empty Encrypted payload required by the syntax) is commonly used as a check for liveness. S

[IPsec] DPD in IKEv2

2010-07-11 Thread Toby Mao
Hi all: DPD(RFC 3706) provide a mechanism to detect dead IKEv1 peer. In draft-ietf-ipsecme-roadmap-07, 4.2.3.1, it tell us "This RFC defines an optional extension to IKEv1; dead peer detection (DPD) is an integral part of IKEv2