Tero asked about: 1) Responder MOBIKE 2) Address Failure Errors 3) Labeled IPsec 4) Mitigating privacy concerns

I read through the discussion about them, and read some of the drafts. I find that 1,2,3 are all well defined and bounded in time and space. I found that #4 is not so well understood; in particular it seems to suggest doing things to not just defend against, but subvert, government actors.

I don't really object to such work occurring, but I want to suggest that this is a case of cat-and-mouse arms race. I suggest that the IETF is too slow a place to do this. Do this in open source. I would not object to seeing a moderate number (~dozen) of types allocated for experimental use, i.e. details to be provided later. Pretty much all of our tables are Expert Review. Go out there and try some things with real code, and then report back in two years which mechanisms scaled and did the right thing.

I have a concern with #3: while I know that Red Hat delivers this to government customers, are there any other vendors who will also implement? If not, then I'm worried we won't have enough interested parties to review, unless some of the actual customers are brought to the table to review.

I'd like to prioritize #2 as highest. I think that #1 (Responder MOBIKE) may suffer from lack of actual implementers being involved today.

--
Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec