date:20170309

Re: [IPsec] AD review of draft-ietf-ipsecme-tcp-encaps

2017-03-09 Thread Kathleen Moriarty

On Thu, Mar 9, 2017 at 12:47 PM, Tommy Pauly  wrote:
> Hi Kathleen,
>
> Yes, this is referring to how the existing NAT detection works in IKEv2:
>
> https://tools.ietf.org/html/rfc7296
>
> Section 2.23. NAT Traversal
>
>o  The data associated with the NAT_DETECTION_SOURCE_IP notification
>   is a SHA-1 digest of the SPIs (in the order they appear in the
>   header), IP address, and port from which this packet was sent.
>
> We can add a pointer to the section of the RFC.

Great.  Please let me know when that is done and I can start IETF last
call.  Does the WG want me to start that right away or to wait until
after Chicago?  I'm inclined to start it right away and have it on the
first telechat after.

Thanks,
Kathleen

>
> Thanks,
> Tommy
>
>> On Mar 9, 2017, at 9:39 AM, Kathleen Moriarty 
>>  wrote:
>>
>> Hello,
>>
>> Thank you for your work on draft-ietf-ipsecme-tcp-encaps.  It's a well
>> written draft and I just have one question.
>>
>> Section 7: Why is SHA-1 used?  If this is a result of the protocol and
>> prior RFCs, please include a reference. And an explanation on list
>> would be helpful (pointer is fine if this was already discussed.
>>
>>
>>
>> --
>>
>> Best regards,
>> Kathleen
>>
>> ___
>> IPsec mailing list
>> IPsec@ietf.org
>> https://www.ietf.org/mailman/listinfo/ipsec
>



-- 

Best regards,
Kathleen

___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec

Re: [IPsec] AD review of draft-ietf-ipsecme-tcp-encaps

2017-03-09 Thread Tommy Pauly

Hi Kathleen,

Yes, this is referring to how the existing NAT detection works in IKEv2:

https://tools.ietf.org/html/rfc7296

Section 2.23. NAT Traversal

   o  The data associated with the NAT_DETECTION_SOURCE_IP notification
  is a SHA-1 digest of the SPIs (in the order they appear in the
  header), IP address, and port from which this packet was sent.

We can add a pointer to the section of the RFC.

Thanks,
Tommy

> On Mar 9, 2017, at 9:39 AM, Kathleen Moriarty 
>  wrote:
> 
> Hello,
> 
> Thank you for your work on draft-ietf-ipsecme-tcp-encaps.  It's a well
> written draft and I just have one question.
> 
> Section 7: Why is SHA-1 used?  If this is a result of the protocol and
> prior RFCs, please include a reference. And an explanation on list
> would be helpful (pointer is fine if this was already discussed.
> 
> 
> 
> -- 
> 
> Best regards,
> Kathleen
> 
> ___
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec

___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec

[IPsec] AD review of draft-ietf-ipsecme-tcp-encaps

2017-03-09 Thread Kathleen Moriarty

Hello,

Thank you for your work on draft-ietf-ipsecme-tcp-encaps.  It's a well
written draft and I just have one question.

Section 7: Why is SHA-1 used?  If this is a result of the protocol and
prior RFCs, please include a reference. And an explanation on list
would be helpful (pointer is fine if this was already discussed.



-- 

Best regards,
Kathleen

___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec

Re: [IPsec] AD review of draft-ietf-ipsecme-tcp-encaps

Re: [IPsec] AD review of draft-ietf-ipsecme-tcp-encaps

[IPsec] AD review of draft-ietf-ipsecme-tcp-encaps

3 matches

Site Navigation

Mail list logo

Footer information