> On 1 Nov 2021, at 13:07, Valery Smyslov wrote:
>
> Hi Michael,
>
>> Tero Kivinen wrote:
Even without surpassing the 64KB limit, this must be a concern.
IKEv2's cookie mechanism and puzzles try to increase the cost of the
attacker per each connection. Now, an attacker must sti
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the IP Security Maintenance and Extensions WG of
the IETF.
Title : IP-TFS: Aggregation and Fragmentation Mode for ESP
and its Use for IP Traffic Flow Security
This is the start of 2 week WG adoption call for this document, ending
2021-11-22. Please send your reply about whether you support adopting
this document as WG document or not.
--
kivi...@iki.fi
___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.or
This is the start of 2 week WG adoption call for this document, ending
2021-11-22. Please send your reply about whether you support adopting
this document as WG document or not.
--
kivi...@iki.fi
___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.or
The IPSECME WG has placed draft-btw-add-ipsecme-ike in state
Call For Adoption By WG Issued (entered by Tero Kivinen)
The document is available at
https://datatracker.ietf.org/doc/draft-btw-add-ipsecme-ike/
___
IPsec mailing list
IPsec@ietf.org
https
The IPSECME WG has placed draft-smyslov-ipsecme-ikev2-auth-announce in state
Call For Adoption By WG Issued (entered by Tero Kivinen)
The document is available at
https://datatracker.ietf.org/doc/draft-smyslov-ipsecme-ikev2-auth-announce/
___
IPsec m
This is the start of 2 week WGLC on the draft-ietf-ipsecme-g-ikev2
document, ending 2021-11-26.
Please submit your comments to the list, also send a note if you have
reviewed the document, so we can see how many people are interested in
getting this out.
--
kivi...@iki.fi
___
Hi Tero, all,
I support adoption.
FWIW, I'm not aware of any IPR related to this I-D.
Cheers,
Med
> -Message d'origine-
> De : IPsec De la part de Tero Kivinen
> Envoyé : lundi 8 novembre 2021 15:17
> À : ipsec@ietf.org
> Objet : [IPsec] WG Adoption call for draft-btw-add-ipsecme-ike
Here is IPsecME WG minutes. Thanks to minute takers, for making good
minutes and including enough of the discussion, especially for the
IPTFS issues.
--
IP Security Maintenance and Extensions (IPsecME) WG
IETF 112 - Monday Novemb
On Mon, 8 Nov 2021, Tero Kivinen wrote:
Subject: [IPsec] WG Adoption call for draft-btw-add-ipsecme-ike
This is the start of 2 week WG adoption call for this document, ending
2021-11-22. Please send your reply about whether you support adopting
this document as WG document or not.
I support t
On Mon, 8 Nov 2021, Tero Kivinen wrote:
draft-smyslov-ipsecme-ikev2-auth-announce
This is the start of 2 week WG adoption call for this document, ending
2021-11-22. Please send your reply about whether you support adopting
this document as WG document or not.
I support working on the idea
Hi Paul,
Please see inline.
Cheers,
Med
> -Message d'origine-
> De : IPsec De la part de Paul Wouters
> Envoyé : lundi 8 novembre 2021 16:20
> À : Tero Kivinen
> Cc : ipsec@ietf.org
> Objet : Re: [IPsec] WG Adoption call for draft-btw-add-ipsecme-ike
>
> On Mon, 8 Nov 2021, Tero Kivi
On Mon, 8 Nov 2021, mohamed.boucad...@orange.com wrote:
Note the text of the draft claims it updates RFC 8598 but doesn't do so
via an Updates: statement.
[Med] We considered to have an "update" header because we were concerned with
some MUSTs in 8598. We finally didn't include the update hea
On Mon, 8 Nov 2021, internet-dra...@ietf.org wrote:
Filename: draft-ietf-ipsecme-iptfs-12.txt
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-ipsecme-iptfs-12
Looks good to me other than a typo: s/the they fall/they fall/
(but
This is the start of 2 week WGLC on the draft-ietf-ipsecme-rfc8229bis
document, ending 2021-11-26.
Please submit your comments to the list, also send a note if you have
reviewed the document, so we can see how many people are interested in
getting this out.
--
kivi...@iki.fi
I’m glad to see this work; however I see a potentially important constraint on
authentication that the current draft does not appear to address.
It allows the peers to specify which signature algorithms they accept; however
if we are talking about certificates, those include internal signature
Scott Fluhrer \(sfluhrer\) writes:
> I’m glad to see this work; however I see a potentially important
> constraint on authentication that the current draft does not appear
> to address.
>
> It allows the peers to specify which signature algorithms they
> accept; however if we are talking about cer
On Mon, 8 Nov 2021, Tero Kivinen wrote:
Does the AuthMethod apply to the algorithms within the certificate
as well? The RFC should clarify this.
The reason for this notify is that if the peer has multiple key pairs
(i.e., private keys) it needs to pick one private key to sign the AUTH
payload
I've read the diff, and it looks good to me.
--
Michael Richardson , Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
Paul Wouters writes:
On Mon, 8 Nov 2021, internet-dra...@ietf.org wrote:
Filename: draft-ietf-ipsecme-iptfs-12.txt
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-ipsecme-iptfs-12
Looks good to me other than a typo: s/the t
20 matches
Mail list logo
