Hi Paul, I click send too quickly. I agree that providing the minimal description for ESP and IKEv2 is useful, however Diet-ESP and minimal implementations have different goals.
BR, Daniel On Wed, Feb 18, 2015 at 5:08 AM, Daniel Migault <[email protected]> wrote: > Hi Paul, > > The bare minimal implementation of IKEv2 and IPsec/ESP have been proposed > in lwig WG: draft-ietf-lwig-ikev2-minimal-01.txt > <https://tools.ietf.org/html/draft-ietf-lwig-ikev2-minimal-01> and > draft-mglt-lwig-minimal-esp-01.txt > <http://www.ietf.org/archive/id/draft-mglt-lwig-minimal-esp-01.txt> > > Diet-ESP is definitely not "tweaking a byte here and there". Instead, it > combines ROHC ROHCoverIPsec and IPsec/ESP. This provides the necessary > flexibility to provide the appropriated security in any situation. > > I appreciate you provide feed back, however, I need more technical > argument to make you less nervous. > > BR, > Daniel > > BR, > Daniel > > On Tue, Feb 17, 2015 at 7:32 PM, Paul Wouters <[email protected]> wrote: > >> On Tue, 17 Feb 2015, Hannes Tschofenig wrote: >> >> If there is indeed a need for IPsec ESP use in IoT then I am not sure >>> that the proposed optimizations are so useful given the impact for >>> security. >>> >> >> I agree. I think it would be very useful to describe a barebones minimal >> IKEv2 feature set and even an ESP minimal set for such use, but tweaking >> a byte here and there of the ESP protocol parameters makes we very >> nervous. >> >> Paul >> > > > > -- > Daniel Migault > Ericsson > -- Daniel Migault Ericsson
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
