Hi,
The recent draft on extending WESP which was presented in Hiroshima, explains
why the current WESP is *not* extensible, and we would need a new version
number if we are to add any extensions in the future.
It is up to the WG to decide whether or not we want to adopt the draft, given
that many people were skeptical about the specific extensions proposed. But
regardless of that, it would be a mistake to publish WESP today with no
facility for extensibility. After consulting with Pasi (the draft is at a very
late stage, having been through IESG review), I would like to make a simple
proposal to add this extensibility, with (almost) no change to the current
draft. This will leave us with future options, at virtually no cost. I am
basically just changing the semantics of the Padding field. Specifically:
1. Rename IPv6Padding to "Padding (Reserved for Future Use)", and allow it to
be any length <256, subject to the IPv4 and IPv6 alignment constraints.
2. If P=1 (Padding Present flag), the first octet of the Padding field will
hold the padding's length. [Hardware implementations can check that it is 4 for
IPv6, otherwise move the packet to the slow path]. All other Padding octets are
sent as zero, and ignored by the receiver.
Note that there are barely any changes on the wire, as long as we don't have
extensions. In particular the length remains unchanged.
Thanks,
Yaron
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
