Dear YANG Doctor: We need your help in reviewing the YANG model in draft-ietf-i2nsf-sdn-ipsec-flow-protection which I2NSF WG is about to call WGLC.
In particular, we need your advice on the following issue: draft-ietf-i2nsf-sdn-ipsec-flow-protection-04 imports from draft-ietf-netconf-crypto-types, which appears to be a generic list of algorithms. The problem is that the list in draft-ietf-netconf-crypto-types could contain algorithms that are not suitable for IPsec (such as secp192r1 for key agreement), and right now it seems to lack some older algorithms that have fallen out of fashion (3DES) but is still needed in IPsec. Questions to the YANG Doctor: 1. Is it better to list the IPsec specific algorithms in draft-ietf-i2nsf-sdn-ipsec-flow-protection (which is a subset of draft-ietf-netconf-crypto-types? Or to import all crypto algorithms many of which are not relevant to IPsec? What is the common practice? 2. If we do import from draft-ietf-netconf-crypto-types, does it mean draft-ietf-i2nsf-sdn-ipsec-flow-protection cannot be published until draft-ietf-netconf-crypto-types is published? Thank you very much, Linda & Yoav
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
