Hi Yoav, 2010/5/27 Yoav Nir <[email protected]>: > 1. I didn't want to make ha-03 dependent on bis, but since bis is now > approved, we may as well do it.
OK. > > 2. OK > > 3. It should be out of scope, because this is internal to the cluster. We are > not going to require a peer to accept having two SAs with the same SPIs with > the same peer, so it's up to the members to prevent this using their own > out-of-scope method. It is possible to mention this and then say that it's > out of scope, if people think this is necessary. OK. Thx. Best regards. JMC. > > Yoav > > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Jean-Michel Combes > Sent: Wednesday, May 26, 2010 4:22 PM > To: Yaron Sheffer > Cc: IPsecme WG > Subject: Re: [IPsec] Working Group LC: draft-ietf-ipsecme-ipsec-ha-03 > > Hi, > > please, find my review of this document: > > 1. Introduction > > IKEv2, as described in [RFC4306] and [RFC4718], and IPsec, as > described in [RFC4301] and others, allows deployment of VPNs between > different sites as well as from VPN clients to protected networks. > > <JMC> > Instead of mentioning [RFC4306) and [RFC4718], maybe replace with > [draft-ietf-ipsecme-ikev2bis]? > <JMC> > > [snip] > > 2. Terminology > > [snip] > > "Failover" is the event where a one member takes over some load from > some other member. In a hot standby cluster, this hapens when a > standby memeber becomes active due to a failure of the former active > > <JMC> > s/memeber/member > <JMC> > > [snip] > > 3. The Problem Statement > > <JMC> > I didn't see anything about potential collisions (e.g. SPI for a > specific SA on a member of the cluster is already used on another > member) during a failover: is such an issue out of scope? > <JMC> > > Thanks in advance for your reply. > > Best regards. > > JMC. > > > 2010/5/25 Yaron Sheffer <[email protected]>: >> With 5 more days to go, this is a quick reminder to review the problem >> statement draft so we can move it along, and get to the juicy protocol >> stuff. >> >> This time around, we will take silence as agreement. >> >> Thanks, >> Yaron >> >> On 05/16/2010 03:53 PM, Yaron Sheffer wrote: >>> >>> This is to begin a 2 week working group last call for >>> draft-ietf-ipsecme-ipsec-ha-03 >>> (http://tools.ietf.org/html/draft-ietf-ipsecme-ipsec-ha-03). The target >>> status for this document is Informational. >>> >>> Please send your comments to the ipsec list by May 30, 2010, as >>> follow-ups to this message. >>> >>> Brief comments of the form: "I have read this draft and it looks fine" >>> are also welcome. >>> >>> Quick heads up: this is a requirements definition draft. Once we have >>> determined consensus around it, we would like to move forward with >>> solutions. Individual solution drafts are welcome as usual, but we would >>> like to establish at some point a design team to hash out a common >>> solution document. Let us know by private mail if you're interested. >>> >>> Thanks, >>> Yaron >> >> _______________________________________________ >> IPsec mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/ipsec >> > _______________________________________________ > IPsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ipsec > > Scanned by Check Point Total Security Gateway. > _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
