Paul Wouters writes:
> On Mon, 8 Nov 2021, Tero Kivinen wrote:
>
> >> Does the AuthMethod apply to the algorithms within the certificate
> >> as well? The RFC should clarify this.
> >
> > The reason for this notify is that if the peer has multiple key pairs
> > (i.e., private keys) it needs to pic
internet-dra...@ietf.org writes:
> Title : IP-TFS: Aggregation and Fragmentation Mode for ESP
> and its Use for IP Traffic Flow Security
> Filename: draft-ietf-ipsecme-iptfs-12.txt
I checked the diffs, and I think this text is mostly ok.
I think there is still bit
Hi Paul,
> On Mon, 8 Nov 2021, Tero Kivinen wrote:
>
> > draft-smyslov-ipsecme-ikev2-auth-announce
> >
> > This is the start of 2 week WG adoption call for this document, ending
> > 2021-11-22. Please send your reply about whether you support adopting
> > this document as WG document or not.
Hi Scott.
I’m glad to see this work;
Thank you.
however I see a potentially important constraint on authentication that the
current draft does not appear to address.
It allows the peers to specify which signature algorithms they accept; however
if we are talking about c
Hi Paul,
> On Mon, 8 Nov 2021, Tero Kivinen wrote:
>
> >> Does the AuthMethod apply to the algorithms within the certificate
> >> as well? The RFC should clarify this.
> >
> > The reason for this notify is that if the peer has multiple key pairs
> > (i.e., private keys) it needs to pick one priva
I believe this is a good time to apply KISS method.
We have a lost packet timer and additionally this is the "in order delivery"
mode. Let's not make this more complex to try and eek out every ounce of potential,
especially given we are already documenting 2 possible receiver behaviors (instea
Hi Paul,
Please see inline.
Cheers,
Med
> -Message d'origine-
> De : Paul Wouters
> Envoyé : lundi 8 novembre 2021 19:06
> À : BOUCADAIR Mohamed INNOV/NET
> Cc : Tero Kivinen ; ipsec@ietf.org
> Objet : Re: [IPsec] WG Adoption call for draft-btw-add-ipsecme-ike
>
> On Mon, 8 Nov 2021
I have reviewed the diff at:
https://www.ietf.org/rfcdiff?url1=rfc8229&url2=draft-ietf-ipsecme-rfc8229bis-01
and the update seems like a good job to me.
I wonder about keeping more of the original authors on the new document,
since it is substantively the same document. I can not judge what
Hi Michael,
> I have reviewed the diff at:
> https://www.ietf.org/rfcdiff?url1=rfc8229&url2=draft-ietf-ipsecme-
> rfc8229bis-01
>
> and the update seems like a good job to me.
Thanks.
> I wonder about keeping more of the original authors on the new document,
> since it is substantively the sa
On Tue, 9 Nov 2021, mohamed.boucad...@orange.com wrote:
Note that what I said there was that you should not update the _mechanism_
of how CFG requests/responds are done. You should use the existing
mechanism with a new value, but use the same negotation mechanism.
So the client sends FOO(x) and
On Tue, 9 Nov 2021, Valery Smyslov wrote:
We can use AlgorithmIdentifier, so no new registry is needed.
Ah sorry, it does state that indeed. Although we might almost want to
not support non-RFC7427 "legacy" methods. Then again, if all software
updated and be RFC compliant, we wouldn't need thi
Hi Paul,
Please see inline.
Cheers,
Med
> -Message d'origine-
> De : Paul Wouters
> Envoyé : mercredi 10 novembre 2021 01:20
> À : BOUCADAIR Mohamed INNOV/NET
> Cc : ipsec@ietf.org; draft-btw-add-ipsecme-...@ietf.org; Tero Kivinen
>
> Objet : Re: [IPsec] WG Adoption call for draft-b
12 matches
Mail list logo
