pasi.ero...@nokia.com writes:
> - A question: did the WG discuss the pros and cons of integrity
> protecting the WESP header? (This does make WESP more complex to
> implement, and currently the WESP header does not contain any data
> that would benefit from integrity protection in any way.)
Thats
Paul Hoffman writes:
> At 2:23 PM +0300 9/17/09, Tero Kivinen wrote:
> >When reading the roadmap I noticed that camellia-ctr is also not
> >defined for IKEv2 SAs, so I was wondering if the text in this document
> >could be made generic enough so any counter mode cipher could be used.
>
> It is not
David Wierbowski writes:
> Thanks for the clarification. The text in 4301 makes sense. What I do not
> agree with is the text in 4945 that requires implementations MUST be able
> to perform matching based on a bitwise comparison of the entire DN in ID to
> its entry in the SPD. I can agree with
Paul Hoffman writes:
> At 10:03 PM +0300 9/12/09, Yaron Sheffer wrote:
> > The ipsecme WG will have a virtual interim WG meeting in about a month. We
> > will have a conference call on Tuesday September 22, 15:00 GMT (18:00
> > Israel, 17:00 CET, 11:00 EDT, 8:00 PDT), for 2 hours. We are planning o
HI,
I have a query about the Sequence number in the ESP Header.
If for any packet, the receiver finds the seq number as ZERO, what is the
desired behavior..?
Should this result in the anti-replay check failure..?
Should this be treated as a corrupted packet..?
Appreciate your inputs.
Thanks
Man
On Fri, Sep 18, 2009 at 10:35:32AM -0500, Manish Aggarwal wrote:
> HI,
> I have a query about the Sequence number in the ESP Header.
> If for any packet, the receiver finds the seq number as ZERO, what is the
> desired behavior..?
>
> Should this result in the anti-replay check failure..?
> Should
> -Original Message-
> From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On Behalf
> Of Dan McDonald
> Sent: Friday, September 18, 2009 11:48 AM
> To: Manish Aggarwal
> Cc: ipsec@ietf.org
> Subject: Re: [IPsec] Query about SEq Number
>
> On Fri, Sep 18, 2009 at 10:35:32AM -050
On Fri, Sep 18, 2009 at 09:34:26AM -0700, Scott Fluhrer (sfluhrer) wrote:
> > -Original Message-
> > From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On Behalf
> > Of Dan McDonald
> > Sent: Friday, September 18, 2009 11:48 AM
> > To: Manish Aggarwal
> > Cc: ipsec@ietf.org
> > Su
Hi Pasi,
Many thanks for the great feedback. I will incorporate all these items as part
of the WESP update during the next virtual interim meeting on Sept 22.
Furthermore, I have opened multiple tickets to ensure these are tracked and
resolved.
Some comments inline...and others will result fr
