Hi Linda,
> On Apr 5, 2019, at 9:51 AM, Linda Dunbar <[email protected]> wrote: > > Dear YANG Doctor: > > We need your help in reviewing the YANG model in > draft-ietf-i2nsf-sdn-ipsec-flow-protection which I2NSF WG is about to call > WGLC. > > In particular, we need your advice on the following issue: > > draft-ietf-i2nsf-sdn-ipsec-flow-protection-04 imports from > draft-ietf-netconf-crypto-types, which appears to be a generic list of > algorithms. > The problem is that the list in draft-ietf-netconf-crypto-types could contain > algorithms that are not suitable for IPsec (such as secp192r1 for key > agreement), and right now it seems to lack some older algorithms that have > fallen out of fashion (3DES) but is still needed in IPsec. All the algorithms in draft-ietf-netconf-crypto-types are defined as identities. If you do not find the algorithm you are looking for in the list of defined algorithms, you can go ahead and define your own in your own draft, using the same base identity from the ietf-crypto-types module. > > > Questions to the YANG Doctor: > 1. Is it better to list the IPsec specific algorithms in > draft-ietf-i2nsf-sdn-ipsec-flow-protection (which is a subset of > draft-ietf-netconf-crypto-types? Or to import all crypto algorithms many of > which are not relevant to IPsec? What is the common practice? Importing ietf-crypto-types does not mean you have to implement every algorithm listed in the module. You can import the module and chose to implement the algorithms you want to implement, including defining any new ones. > 2. If we do import from draft-ietf-netconf-crypto-types, does it mean > draft-ietf-i2nsf-sdn-ipsec-flow-protection cannot be published until > draft-ietf-netconf-crypto-types is published? Yes. The i2nsf draft will hit the state of MISSREF in the RFC Editor queue. But that should not prevent anyone from starting implementation of the module. As a side note, the NETCONF WG is planning on sending the crypto-types draft to IESG shortly. What you do not want is to duplicate the definition of the algorithms in your own draft. HTH. > > > Thank you very much, > > Linda & Yoav > > _______________________________________________ > yang-doctors mailing list > [email protected] <mailto:[email protected]> > https://www.ietf.org/mailman/listinfo/yang-doctors > <https://www.ietf.org/mailman/listinfo/yang-doctors> Mahesh Jethanandani [email protected]
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
