On Tue, 11 Dec 2018, Fernando Pereñíguez García wrote:
These answers look fine. Thanks. Paul (the other emails will take a little more time :)
Date: Tue, 11 Dec 2018 13:52:13 From: Fernando Pereñíguez García <[email protected]> Cc: [email protected], [email protected], [email protected], Rafa Marin Lopez <[email protected]>, Gabriel López Millán <[email protected]> To: [email protected] Subject: Re: [I2nsf] Review of draft-ietf-i2nsf-sdn-ipsec-flow-protection-03 (Sections 8 - 9) X-Spam-Flag: NO Hi Paul, all, Next you can find our answers to your comments on sections 8 and 9. Section 8: Is this section supposed to be an "Implementation Details" Section as per RFC 7942? If so, it is missing the required note to the RFC Editor to remove the entire section before publication as RFC. [Authors] Agree. We will include it. Section 9.1: In case 1, add a note to use only strong PSKs, with a minimal length and strength. [Authors] Agree. We will add it. Section 9.2: when ESP is used Hoping my advise is taken to only use ESP and not AH, and to use ESP-null in the case of encryption being unwanted, please remove this comment as ESP would always be used. includes the keys for integrity and encryption If we only allow AEAD's, maybe rewrite or leave this out. [Authors] s/"In the case 2, the controller sends the IPsec SA information to the SAD that includes the keys for integrity and encryption (when ESP is used)" / "In the case 2, the controller sends the IPsec SA information to the SAD that includes the required cryptographic keys for ESP or AH" Regards, Fernando. -- ---------------------------------------------------------------------------------------------------- Fernando Pereñíguez García, PhD Department of Sciences and Informatics University Defense Center, (CUD), San Javier Air Force Base, MDE-UPCT C/ Coronel Lopez Peña, s/n, 30720, San Javier, Murcia - SPAIN Tel: +34 968 189 946 Fax: +34 968 189 970 ------------------------------------------------------------------------------------------------------
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
