Re: [Hipsec] WGLCs: 4423bis and 5201bis

Hi, On 09/13/2012 11:11 AM, Gonzalo Camarillo wrote: Folks, I would like to start the WGLCs on the following two drafts. These WGLCs will end on September 30th. https://datatracker.ietf.org/doc/draft-ietf-hip-rfc4423-bis/ https://datatracker.ietf.org/doc/draft-ietf-hip-rfc5201-bis/ In

Re: [Hipsec] WGLCs: 4423bis and 5201bis

Hi, On 10/17/2012 06:36 AM, Henderson, Thomas R wrote: 5.1. HIP Control Packets: The HIP header and parameters follow the conventions of [RFC5201] with the exception that the HIP header checksum MUST be zero. Authors, can we get rid of the pseudo header or are we stuck with it? Or can we

Re: [Hipsec] Feedback for 4423bis

Hi, On 10/10/2012 10:05 PM, Sasu Tarkoma wrote: Hi all, I read the latest HIP architecture draft (4423bis-05) and it looks very good. Below you will find some observations that I made when reading the draft. looks good to me too but I have also some suggestions for improvement. Here's the

Re: [Hipsec] additional comments on latest RFC5201-bis draft

FYI, On 09/26/2013 11:45 PM, Henderson, Thomas R wrote: I'll try to wrap up the inputs and post a revision over the weekend, if no further comments. Please see inline below. Xin Gu implemented HIPv2 (sponsored by Aalto university) and the code is now available in the HIPL trunk:

Re: [Hipsec] Feedback for 4423bis

Hi, I have fixed some typos in the latest version of architecture draft (draft-ietf-hip-rfc4423-bis-07). I'd suggest to move it to last call unless there are more quick comments. ___ Hipsec mailing list Hipsec@ietf.org

Re: [Hipsec] WGLC: draft-ietf-hip-rfc4423-bis

Hi, sure thing, thanks Tom for comments! On 04/08/2014 01:25 PM, Gonzalo Camarillo wrote: Hi Tom, thanks for your comments. Authors, could you please look into this? Thanks, Gonzalo On 07/04/2014 12:08 AM, Henderson, Thomas R wrote: Hi, we WGLCed this draft some time ago, but we are

[Hipsec] HIP in a cloud testbed to analyze CERN data

FYI, HIP for Linux is now utilized in a testbed cloud deployment that is used for analyzing CMS (Compact Muon Solenoid) data from CERN. The HIP protocol provides secure connectivity and connection management capabilities for the OpenStack based cloud. Thanks to Salman Toor, Juhani Toivonen and

Re: [Hipsec] Unsticking HIP from 1st gear

Hi, On 05/02/2014 01:29 AM, Robert Moskowitz wrote: On 04/30/2014 02:18 PM, Robert Moskowitz wrote: Automotive analogy because right now I have been dragged back to my automotive history to work on the Connected Car security... I am working on multiple HIP projects. Real vendors with real

Re: [Hipsec] ESP in clientVPN tunnel mode - what is needed in exchange

Hi, On 05/19/2014 09:08 PM, Robert Moskowitz wrote: I have a real need to provide ESP tunnel mode from a HIP client to a gateway. The world just won't go as nicely as I would have wanted it to. location-based security is old fashioned :( At the application layer, tunnel mode may have some

Re: [Hipsec] processing review comments on RFC 5201-bis

Hi, On 06/30/2014 08:46 PM, Tom Taylor wrote: 3) Section 5.2.18: given the strict ordering of HIP parameters, the initial plaintext for the Encrypted content (type and length of initial parameter) may be fairly easily guessed. This opens up the minor possibility of a known plaintext attack.

Re: [Hipsec] processing review comments on RFC 5201-bis

Hi, On 07/02/2014 05:26 PM, Miika Komu wrote: Hi, On 06/30/2014 08:46 PM, Tom Taylor wrote: 3) Section 5.2.18: given the strict ordering of HIP parameters, the initial plaintext for the Encrypted content (type and length of initial parameter) may be fairly easily guessed. This opens up

Re: [Hipsec] NULL encryption mode in RFC 5202-bis

Hi, On 07/08/2014 07:54 AM, Tom Henderson wrote: Hi all, Apologies for cross-posting, but Stephen Farrell raised a DISCUSS (seconded by Kathleen Moriarty) in the IESG evaluation of RFC 5202-bis: Using the Encapsulating Security Payload (ESP) Transport Format with the Host Identity Protocol

Re: [Hipsec] HIP draft updates

Hi Tom, On 07/29/2014 01:09 AM, Tom Henderson wrote: For RFC5202bis, the main issue is the recommendation of NULL encryption as a MUST to implement (issue 43). This has been discussed on the saag list and on this list, and I don't think it is yet resolved although I would like to again

Re: [Hipsec] transition from CLOSING state to state I1-SENT

Hi, On 07/29/2014 01:14 AM, Tom Henderson wrote: This issue with RFC5201-bis is being tracked as issue 48: http://trac.tools.ietf.org/wg/hip/trac/ticket/48 When a HIP association is in state CLOSING and new data arrives to send to the peer, Table 7 states to send another I1 but stay in

Re: [Hipsec] RFC5201-bis: Stephen Farrell's DISCUSS questions

Hi, On 07/22/2014 01:50 AM, Tom Henderson wrote: Also - there are no counter modes, is that wise? HIP DEX defines AES-128-CTR for HIP_CIPHER [3]. However, I just realized that it does not specify its use for the ENCRYPTED parameter. Instead, the specification focuses on the special-purpose

Re: [Hipsec] I-D Action: draft-ietf-hip-rfc4423-bis-09.txt

Protocol Working Group of the IETF. Title : Host Identity Protocol Architecture Authors : Robert Moskowitz Miika Komu Filename: draft-ietf-hip-rfc4423-bis-09.txt Pages : 39 Date: 2014-10

Re: [Hipsec] RFC5201-bis and RFC5202-bis status

Hi, On 09/16/2014 08:20 AM, Tom Henderson wrote: On 09/15/2014 04:37 AM, Gonzalo Camarillo wrote: Hi Tom (Henderson), Jari, Brian, and Ted still have discusses on this document. Could you please summarize for each of them the status of this draft with respect to their particular comments?

Re: [Hipsec] proposed changes to RFC5206-bis

Hi Tom and Rene, On 12/16/2014 05:18 PM, Tom Henderson wrote: Thanks Rene for your comments; responses inline below. On 12/15/2014 02:19 AM, Rene Hummen wrote: Hi Tom, hi all, please find my feedback in-line. On 12 Dec 2014, at 02:09, Tom Henderson t...@tomh.org wrote: Hi all, I recently

Re: [Hipsec] Call for comments: Section with changes from 5201 to 5201bis

Hi, On 02/05/2015 09:33 AM, Gonzalo Camarillo wrote: Folks, during AUTH48, Tom has edited Section 10 of the 5201bis draft, which you can find under the following link: http://www.rfc-editor.org/authors/rfc7401.txt Before publishing it, we would like to start a one-week call for comments on

Re: [Hipsec] A review of draft-ietf-hip-dex-02.txt

Hi, On 06/03/2016 02:20 PM, René Hummen wrote: This is part 3 of 3. I am fine with your fixes. Some comments below. On Mon, Mar 28, 2016 at 10:05 PM, Miika Komu <miika.k...@ericsson.com <mailto:miika.k...@ericsson.com>> wrote: > [...] > 6.2.1.

Re: [Hipsec] A review of draft-ietf-hip-dex-02.txt

Hi Rene, On 06/01/2016 03:08 PM, René Hummen wrote: This is part 2. More to come... I am fine with your fixes for part 2. smime.p7s Description: S/MIME Cryptographic Signature ___ Hipsec mailing list Hipsec@ietf.org

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-12.txt

Miika Komu Filename: draft-ietf-hip-native-nat-traversal-12.txt Pages : 44 Date: 2016-06-23 Abstract: This document specifies a new Network Address Translator (NAT) traversal mode for the Host Identity Protocol (HIP

Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal

better the ICE methodology. On 02/22/2016 05:30 PM, Miika Komu wrote: Hi Ari, below is more detailed list of the nits and also some technical comments about the protocol. On 02/16/2016 04:01 PM, Ari Keränen wrote: On 12/02/16 22:59, Miika Komu wrote: Hi, On 01/29/2016 02:32 PM, Gonzalo

Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal

Hi Ari, below is more detailed list of the nits and also some technical comments about the protocol. On 02/16/2016 04:01 PM, Ari Keränen wrote: On 12/02/16 22:59, Miika Komu wrote: Hi, On 01/29/2016 02:32 PM, Gonzalo Camarillo wrote: Hi, I would like to start a WGLC on the following

Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal

Hi, On 01/29/2016 02:32 PM, Gonzalo Camarillo wrote: Hi, I would like to start a WGLC on the following draft. This WGLC will end on February 12th: https://datatracker.ietf.org/doc/draft-ietf-hip-native-nat-traversal/ Please, send your comments to this list. in general, the draft should

Re: [Hipsec] IPCOMP support in HIP

Hi, I guess it could be a new "IPCOMP" transform similar to the ESP transform: https://tools.ietf.org/html/rfc7402#section-5.1.2 I think R1-I2 would be enough, no need to confirm it in R2, similarly as with ESP transform: https://tools.ietf.org/html/rfc7402#section-5.2.1 On 03/10/2016

[Hipsec] A review of draft-ietf-hip-dex-02.txt

Hi, > 1.1. The HIP Diet EXchange (DEX) > Data packets start to flow after the 4th packet. The 3rd and 4th HIP > packets may carry data payload in the future. However, the details > of this may be defined later. Similarly as in RFC7401, data packets start to flow... (I guess you could also

Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal

Hi Ari, On 04/10/2016 09:28 AM, Ari Keränen wrote: 3.2. Forwarding Rules and Permissions > > > >Permissions are not required for the connectivity checks, but if a > >relayed address is selected to be used for data, the registered host > >MUST send an UPDATE message [RFC7401] with a

Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal

Hi, On 03/29/2016 02:51 AM, Derek Fawcus wrote: On Mon, Mar 07, 2016 at 02:35:07pm +0200, Gonzalo Camarillo wrote: First he will look into adding clarifications to the existing draft while still referencing the old RFC. If the group is not happy with the readability after the editorial pass

Re: [Hipsec] a review of ietf-hip-rfc5206-bis-10

Hi Tom, your changes are fine, thanks for the quick response. On 04/19/2016 08:11 PM, Tom Henderson wrote: Hi Miika, thanks for the review; some responses are inline below. I will continue later in a second message. - Tom On 04/17/2016 01:26 PM, Miika Komu wrote: Hi, I read through ietf

Re: [Hipsec] Stephen Farrell's Discuss on draft-ietf-hip-rfc5203-bis-10: (with DISCUSS and COMMENT)

Hi, the proposed changes seemed fine at least to me. P.S. Sorry, got back from holidays this week. On 08/05/2016 03:42 AM, Julien Laganier wrote: Hi Stephen, FYI I've implemented the proposed change in the last draft revision. Best, --julien On Thu, Jul 21, 2016 at 4:22 AM, Stephen

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-12.txt

Hi Jeff, On 06/30/2016 07:08 PM, Jeff Ahrenholz wrote: Miika, On 6/30/16, 1:12 AM, "Miika Komu" <miika.k...@ericsson.com> wrote: Is it actually a problem for the Responder that two different Initiators happen to claim different SPIs? The Initiators have different IP addres

Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal

Hi Derek, On 03/29/2016 02:51 AM, Derek Fawcus wrote: On Mon, Mar 07, 2016 at 02:35:07pm +0200, Gonzalo Camarillo wrote: First he will look into adding clarifications to the existing draft while still referencing the old RFC. If the group is not happy with the readability after the editorial

Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal

Hi, On 02/16/2016 04:22 PM, Ari Keränen wrote: Thank you for the review Tom! Please see below. On 12/02/2016 11:54 PM, Tom Henderson wrote: Gonzalo and all, My understanding is that the WG reached consensus several years ago that the standards-track NAT traversal variant would be the native

Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal

Hi, On 02/23/2016 04:08 PM, Tom Henderson wrote: On 02/16/2016 06:22 AM, Ari Keränen wrote: Thank you for the review Tom! Please see below. On 12/02/2016 11:54 PM, Tom Henderson wrote: Gonzalo and all, My understanding is that the WG reached consensus several years ago that the

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-15.txt

: Native NAT Traversal Mode for the Host Identity Protocol Authors : Ari Keranen Jan Melén Miika Komu Filename: draft-ietf-hip-native-nat-traversal-15.txt Pages : 52 Date: 2017-02-01

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-15.txt

/17, 3:14 AM, "Hipsec on behalf of Miika Komu" <hipsec-boun...@ietf.org on behalf of miika.k...@ericsson.com> wrote: Hi, as you can see the diff link below, this version includes some minor editorial nits, but also some additional text in this section: 4.2. T

Re: [Hipsec] Relaying to non-hip aware servers

Hi Robert, On 09/27/2016 04:46 PM, Robert Moskowitz wrote: Where did we describe connections from a mobile hip-aware host to a legacy non-HIP 'stable' server. I thought it was HIPBONE (as it is not what HIP nat traversal is about), but I am not seeing this function there. Basically, the

Re: [Hipsec] Comment on VIA_RVS parameter - 5204 & 06 -bis

Hi, On 09/16/2016 02:45 PM, Robert Moskowitz wrote: On 09/16/2016 06:57 AM, Tom Henderson wrote: On Thu, 15 Sep 2016, Robert Moskowitz wrote: 5206-bis specifies how to user RVS for the 'double-jump' mobility problem. 3.2.3 1) says: 1. The mobile host sending an UPDATE to the peer, and

Re: [Hipsec] A review of draft-ietf-hip-dex-02.txt

, Miika Komu <miika.k...@ericsson.com <mailto:miika.k...@ericsson.com>> wrote: Hi, On 06/03/2016 02:20 PM, René Hummen wrote: This is part 3 of 3. I am fine with your fixes. Some comments below. On Mon, Mar 28, 2016 at 10:05 PM, Miika Komu

Re: [Hipsec] Comment on VIA_RVS parameter - 5204 & 06 -bis

Hi, On 09/27/2016 03:56 AM, Robert Moskowitz wrote: On 09/26/2016 09:08 AM, Miika Komu wrote: Hi, On 09/16/2016 02:45 PM, Robert Moskowitz wrote: On 09/16/2016 06:57 AM, Tom Henderson wrote: On Thu, 15 Sep 2016, Robert Moskowitz wrote: 5206-bis specifies how to user RVS

Re: [Hipsec] RFC 4423bis and hip-dex

Hi Gonzalo, On 10/21/2016 10:28 AM, Gonzalo Camarillo wrote: Bob, Miika, RFC 4423bis does not reference the hip-dex draft. Should it? https://tools.ietf.org/html/draft-ietf-hip-rfc4423-bis-14 we can add it if needed. The only problem is that we should push back the 4423bis draft in the

Re: [Hipsec] RFC 4423bis and hip-dex

. Cheers, Gonzalo On 27/10/2016 1:57 PM, Miika Komu wrote: Hi Gonzalo, On 10/21/2016 10:28 AM, Gonzalo Camarillo wrote: Bob, Miika, RFC 4423bis does not reference the hip-dex draft. Should it? https://tools.ietf.org/html/draft-ietf-hip-rfc4423-bis-14 we can add it if needed. The only problem

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-14.txt

lable from the on-line Internet-Drafts directories. This draft is a work item of the Host Identity Protocol of the IETF. Title : Native NAT Traversal Mode for the Host Identity Protocol Authors : Ari Keranen Jan Melén

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-14.txt

Hi Robert, yes, mobility support is specified in the draft. From: Robert Moskowitz [mailto:r...@htt-consult.com] Sent: Friday, November 25, 2016 6:33 AM To: Miika Komu <miika.k...@ericsson.com>; hipsec@ietf.org Subject: Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-19.txt

the on-line Internet-Drafts directories. This draft is a work item of the Host Identity Protocol of the IETF. Title : Native NAT Traversal Mode for the Host Identity Protocol Authors : Ari Keranen Jan Melén Miika Komu

Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal-15

Hi, a preliminary version here: http://mkomu.kapsi.fi/temp/draft-hip-native-nat-traversal-19.txt Not yet on IETF site since I missed the cut-off deadline. On 02/19/2017 05:18 PM, Tom Henderson wrote: Hello, I have read the latest (-17) draft and sent some purely editorial comments to Miika.

Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal-15

Hi Tom, On 03/14/2017 11:19 AM, Miika Komu wrote: [..] A couple of fixes for me to edit: * Appendix B: normative vs non-normative terminology > [...] so the appendix was using normative terminology which was a bit strange. As a quick fix, I thought about moving this appendix to the b

Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal-15

Hi, On 03/15/2017 04:37 PM, Jeff Ahrenholz wrote: I might suggest to recommend NOTIFY (and define the keepalive) and state that other messages including ICMPv6 or UPDATE may be substituted. If there is a need for bi-directional connectivity checking, recommend to use UPDATE; if there are

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-19.txt

have “I2_ACKNOWLEDGEMENT 16384” in RFC 5201 and RFC 7401. thanks, -Jeff On 3/27/17, 12:41 AM, "Hipsec on behalf of Miika Komu" <hipsec-boun...@ietf.org on behalf of miika.k...@ericsson.com> wrote: Hi, the preliminary version is now published as it is (except I h

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-20.txt

4.12.3. Handling Conflicting SPI Values * Editorial fixes to make the two cases more understandable If you want to see the diff in detail, please check from here: https://www.ietf.org/rfcdiff?url2=draft-ietf-hip-native-nat-traversal-20 On 04/25/2017 02:47 PM, Miika Komu wrote: Hi, th

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-20.txt

-Drafts directories. This draft is a work item of the Host Identity Protocol of the IETF. Title : Native NAT Traversal Mode for the Host Identity Protocol Authors : Ari Keranen Jan Melén Miika Komu Filename

Re: [Hipsec] Comments on draft-hip-native-nat-traversal-19

Hi Christer, On 03/26/2017 02:34 AM, Christer Holmberg wrote: Hi, As co-author for the ICEbis draft, I was asked to review draft-hip-native-nat-traversal-19. I have not had time to review the whole document. However, many of my comments are generic, and apply to the whole document. thanks

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-19.txt

, Christer -Original Message- From: Hipsec [mailto:hipsec-boun...@ietf.org] On Behalf Of Miika Komu Sent: 27 March 2017 10:41 To: hipsec@ietf.org Subject: Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-19.txt Hi, the preliminary version is now published as it is (except I had

Re: [Hipsec] I-D Action: draft-ietf-hip-rfc4423-bis-17.txt

Protocol Architecture Authors : Robert Moskowitz Miika Komu Filename: draft-ietf-hip-rfc4423-bis-17.txt Pages : 42 Date: 2017-08-07 Abstract: This memo describes a new namespace, the Host Identity

Re: [Hipsec] I-D Action: draft-ietf-hip-rfc4423-bis-18.txt

y Protocol WG of the IETF. Title : Host Identity Protocol Architecture Authors : Robert Moskowitz Miika Komu Filename: draft-ietf-hip-rfc4423-bis-18.txt Pages : 42 Date: 2017-11-23

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-23.txt

: Ari Keranen Jan Melén Miika Komu Filename: draft-ietf-hip-native-nat-traversal-23.txt Pages : 60 Date: 2017-11-12 Abstract: This document specifies a new Network Address Translator (NAT

Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal-23

Hi, thanks Tom! I applied your fixes to the version 25 of the document. On 12/08/2017 08:04 AM, Tom Henderson wrote: Gonzalo, I've read the draft again, and sent Miika some editorial comments.  I believe it is ready to publish. - Tom On Wed, 22 Nov 2017, Gonzalo Camarillo wrote: Folks,

Re: [Hipsec] Eric Rescorla's Discuss on draft-ietf-hip-native-nat-traversal-28: (with DISCUSS and COMMENT)

Hi, On 05/06/2018 10:23 PM, Christer Holmberg wrote: Hi, The question is whether this document should re-define the HIP variations to ICE that RFC 5770 already does. That may be your question, but it's not my question. My question is that I'm not sure this document is sufficiently clear

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-21.txt

ies. This draft is a work item of the Host Identity Protocol WG of the IETF. Title : Native NAT Traversal Mode for the Host Identity Protocol Authors : Ari Keranen Jan Melén Miika Komu Filename: dr

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-22.txt

of the Host Identity Protocol WG of the IETF. Title : Native NAT Traversal Mode for the Host Identity Protocol Authors : Ari Keranen Jan Melén Miika Komu Filename: draft-ietf-hip-native-nat-traversal

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-26.txt

Miika Komu Filename: draft-ietf-hip-native-nat-traversal-26.txt Pages : 60 Date: 2017-12-20 Abstract: This document specifies a new Network Address Translator (NAT) traversal mode for the Host Identity Protocol (HIP). The new

Re: [Hipsec] I-D Action: draft-ietf-hip-native-nat-traversal-27.txt

-Drafts directories. This draft is a work item of the Host Identity Protocol WG of the IETF. Title : Native NAT Traversal Mode for the Host Identity Protocol Authors : Ari Keranen Jan Melén Miika Komu

Re: [Hipsec] Genart last call review of draft-ietf-hip-native-nat-traversal-27

Hi Roni, thanks for the detailed review! My comments are below. On 02/26/2018 03:21 PM, Roni Even wrote: Reviewer: Roni Even Review result: Almost Ready I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the

Re: [Hipsec] Genart telechat review of draft-ietf-hip-native-nat-traversal-28

Hi Roni, On 04/08/2018 10:32 AM, Roni Even wrote: Reviewer: Roni Even Review result: Ready with Nits I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please wait for direction

Re: [Hipsec] [Gen-art] Genart last call review of draft-ietf-hip-native-nat-traversal-27

. As for posting a new version, I think it will be good to submit one with all the changes that came in the IETF LC Roni -Original Message- From: Gen-art [mailto:gen-art-boun...@ietf.org] On Behalf Of Miika Komu Sent: Thursday, March 01, 2018 4:13 PM To: Roni Even; gen-...@ietf.org Cc

Re: [Hipsec] Genart last call review of draft-ietf-hip-rfc4423-bis-18

Hi Joel, thanks for the nice review! My suggested changes for HIP architecture document are below (in "diff" format). On 02/18/2018 07:33 AM, Joel Halpern wrote: Reviewer: Joel Halpern Review result: Ready with Nits I am the assigned Gen-ART reviewer for this draft. The General Area Review

Re: [Hipsec] Secdir last call review of draft-ietf-hip-rfc4423-bis-19

Hi Sean, On 02/27/2018 05:06 PM, Sean Turner wrote: Reviewer: Sean Turner Review result: Has Nits This is a bis draft of the HIP (Host Identity Protocol) Architecture and because of that I focused on what’s changed (i.e., I reviewed the diffs from

Re: [Hipsec] Eric Rescorla's Discuss on draft-ietf-hip-native-nat-traversal-28: (with DISCUSS and COMMENT)

Hi Eric, apologies for the belated response, I am not working on HIP anymore, so it has been rather difficult to find time for this. On 5/4/18 22:34, Eric Rescorla wrote: > Eric Rescorla has entered the following ballot position for > draft-ietf-hip-native-nat-traversal-28: Discuss > > When

Re: [Hipsec] Adam Roach's No Objection on draft-ietf-hip-rfc4423-bis-19: (with COMMENT)

Hi Adam, On 5/10/18 02:34, Adam Roach wrote: > Adam Roach has entered the following ballot position for > draft-ietf-hip-rfc4423-bis-19: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut

Re: [Hipsec] Ben Campbell's No Objection on draft-ietf-hip-rfc4423-bis-19: (with COMMENT)

Hi Ben, On 5/10/18 05:53, Ben Campbell wrote: > Ben Campbell has entered the following ballot position for > draft-ietf-hip-rfc4423-bis-19: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut

Re: [Hipsec] Eric Rescorla's No Objection on draft-ietf-hip-rfc4423-bis-19: (with COMMENT)

Hi, On 1/20/19 07:59, Tom Henderson wrote: > On 1/8/19 3:44 PM, Eric Rescorla wrote: >> >> >> On Tue, Jan 8, 2019 at 9:50 AM Tom Henderson > > wrote: >> >>     On 1/8/19 5:57 AM, Eric Rescorla wrote: >> >> >     The second preimage attack resistance is 96 bits, plus >>  

Re: [Hipsec] Mirja Kühlewind's No Objection on draft-ietf-hip-rfc4423-bis-19: (with COMMENT)

Hi Mirja, On 5/7/18 16:42, Mirja Kühlewind wrote: > Mirja Kühlewind has entered the following ballot position for > draft-ietf-hip-rfc4423-bis-19: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free

Re: [Hipsec] Eric Rescorla's No Objection on draft-ietf-hip-rfc4423-bis-19: (with COMMENT)

Hi Eric, On 5/7/18 00:41, Eric Rescorla wrote: Eric Rescorla has entered the following ballot position for draft-ietf-hip-rfc4423-bis-19: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this

Re: [Hipsec] Opsdir last call review of draft-ietf-hip-rfc4423-bis-19

Hi Will, On 5/10/18 12:16, Will LIU wrote: > Reviewer: Will LIU > Review result: Ready > > Hi all, > > (Sorry , it seems to me that the notification was blocked by the filter. I > guess it's a little bit late.) no it's not! It's me who is running late. > I have reviewed

Re: [Hipsec] Eric Rescorla's No Objection on draft-ietf-hip-rfc4423-bis-19: (with COMMENT)

Hi Eric, (some other questions still remain to be discussed besides the second preimage collision issue) On 11/21/18 21:37, Eric Rescorla wrote: > > > On Tue, Nov 20, 2018 at 12:07 PM Miika Komu <mailto:mk...@kapsi.fi>> wrote: > > Hi Eric, > > On 5/7

Re: [Hipsec] Benjamin Kaduk's No Objection on draft-ietf-hip-rfc4423-bis-19: (with COMMENT)

Hi Benjamin, On 5/9/18 23:58, Benjamin Kaduk wrote: > Benjamin Kaduk has entered the following ballot position for > draft-ietf-hip-rfc4423-bis-19: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free

Re: [Hipsec] Opsdir last call review of draft-ietf-hip-dex-06

Hi Qin, I am stepping in and helping the authors to finalize this draft. On 3/2/18 20:15, Robert Moskowitz wrote: > > > On 02/23/2018 03:23 AM, Qin Wu wrote: >> Reviewer: Qin Wu >> Review result: Ready >> >> Summary: >> This document defines the Host Identity Protocol Diet EXchange (HIP >>    

Re: [Hipsec] Secdir last call review of draft-ietf-hip-dex-06

Hi David, I am stepping in and helping the authors to finish the draft as agreed with the authors and HIP WG chair. I am not actively working on the topic, so I have very limited time for this but I have earlier background in HIP. Please let me know if the following comments and edits address

Re: [Hipsec] Spencer Dawkins' No Objection on draft-ietf-hip-dex-06: (with COMMENT)

Hi, ma, 2018-05-21 kello 17:52 -0700, Spencer Dawkins kirjoitti: > Spencer Dawkins has entered the following ballot position for > draft-ietf-hip-dex-06: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines.

Re: [Hipsec] Adam Roach's Abstain on draft-ietf-hip-native-nat-traversal-28: (with COMMENT)

Hi, pe, 2019-10-04 kello 10:58 -0500, Adam Roach kirjoitti: > Thanks for the reply! I think we're getting closer to an answer > here, > but I'm still quite lost on one key aspect. > > > On 10/4/19 7:15 AM, Miika Komu wrote: > > In the legacy HIP NAT traversal (RFC5770)

Re: [Hipsec] Adam Roach's Abstain on draft-ietf-hip-native-nat-traversal-28: (with COMMENT)

find legacy HIP ICE measurements from around 20 master theses and publications. Unfortunately, I did not find exact match but I would argue that the so called LSI translation has a similar overhead as parsing the STUN packets. Based on the peer reviwed publication below, dealing with STUN (or LSI) with userspac

Re: [Hipsec] Adam Roach's No Objection on draft-ietf-hip-native-nat-traversal-30: (with COMMENT)

Hi Adam, ma, 2020-02-24 kello 09:15 -0800, Adam Roach via Datatracker kirjoitti: > Adam Roach has entered the following ballot position for > draft-ietf-hip-native-nat-traversal-30: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included

Re: [Hipsec] Eric Rescorla's Discuss on draft-ietf-hip-native-nat-traversal-28: (with DISCUSS and COMMENT)

Hi Eric, to, 2020-02-20 kello 06:04 -0800, Eric Rescorla kirjoitti: > > > On Wed, Feb 19, 2020 at 10:50 PM Miika Komu > wrote: > > Hi Eric, > > > > ke, 2020-02-19 kello 13:20 -0800, Eric Rescorla kirjoitti: > > > > > > > S 5.8. > > &g

Re: [Hipsec] Alvaro Retana's No Objection on draft-ietf-hip-native-nat-traversal-28: (with COMMENT)

Hi Alvaro, ke, 2018-05-09 kello 13:44 -0700, Alvaro Retana kirjoitti: > Alvaro Retana has entered the following ballot position for > draft-ietf-hip-native-nat-traversal-28: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the

Re: [Hipsec] Ben Campbell's Abstain on draft-ietf-hip-native-nat-traversal-28: (with COMMENT)

Hi Ben, thanks for your comments! My response below. ke, 2018-05-09 kello 19:05 -0700, Ben Campbell kirjoitti: > Ben Campbell has entered the following ballot position for > draft-ietf-hip-native-nat-traversal-28: Abstain > > When responding, please keep the subject line intact and reply to all

Re: [Hipsec] Spencer Dawkins' No Objection on draft-ietf-hip-native-nat-traversal-28: (with COMMENT)

Hi Spencer, thanks for your comments, please see my response below. ke, 2018-05-09 kello 18:18 -0700, Spencer Dawkins kirjoitti: > Spencer Dawkins has entered the following ballot position for > draft-ietf-hip-native-nat-traversal-28: No Objection > > When responding, please keep the subject

Re: [Hipsec] Eric Rescorla's Discuss on draft-ietf-hip-native-nat-traversal-28: (with DISCUSS and COMMENT)

Hi Eric, thanks for your comments, my response below. ke, 2018-12-26 kello 17:04 -0800, Eric Rescorla kirjoitti: > > > On Wed, Nov 7, 2018 at 1:37 PM Miika Komu > wrote: > > Hi Eric, > > > > apologies for the belated response, I am not working on HIP > >

Re: [Hipsec] Mirja Kühlewind's Discuss on draft-ietf-hip-native-nat-traversal-28: (with DISCUSS and COMMENT)

Hi Mirja, thanks for your comments! My response is below, let me know if you have further concerns. to, 2018-05-10 kello 03:00 -0700, Mirja Kühlewind kirjoitti: > Mirja Kühlewind has entered the following ballot position for > draft-ietf-hip-native-nat-traversal-28: Discuss > > When responding,

Re: [Hipsec] Eric Rescorla's Discuss on draft-ietf-hip-native-nat-traversal-28: (with DISCUSS and COMMENT)

Hi, to, 2020-02-20 kello 08:58 -0800, Eric Rescorla kirjoitti: > > > On Thu, Feb 20, 2020 at 7:38 AM Miika Komu > wrote: > > Hi Eric, > > > > to, 2020-02-20 kello 06:04 -0800, Eric Rescorla kirjoitti: > > > > > > > > >

Re: [Hipsec] Eric Rescorla's Discuss on draft-ietf-hip-native-nat-traversal-28: (with DISCUSS and COMMENT)

c Rescorla kirjoitti: > Typically in security protocols we look for demonstrations of this. > What is your argument for why it cannot? > > -Ekr > > > On Fri, Feb 21, 2020 at 4:25 AM Miika Komu > wrote: > > Hi, > > > > to, 2020-02-20 kello 08:58 -0800, Eric Rescor

Re: [Hipsec] Re-doing the IESG ballot for draft-ietf-hip-native-nat-traversal

Hi Eric, I disagree about the overhead occuring only during set up time because STUN message format is incompatible with ESP formatting, so an implementation needs to constantly monitor and intercept STUN packets from the data-plane traffic. This causes a continuous overhead to the data plane, so

Re: [Hipsec] Fwd: New Version Notification for draft-ietf-hip-dex-12.txt

Hi, ke, 2020-02-12 kello 17:20 +, Jeff Ahrenholz kirjoitti: > > I believe this version answers all the IESG issues. > > > > Please review, there are some important additions. > > > > EKR had a number of security concerns. Some I feel don't apply to > > HIP, like use an AEAD for HIP packet

Re: [Hipsec] Eric Rescorla's Discuss on draft-ietf-hip-native-nat-traversal-28: (with DISCUSS and COMMENT)

Hi Eric, ke, 2020-02-19 kello 13:20 -0800, Eric Rescorla kirjoitti: > > > > > S 5.8. > > > > >> > > > > >>5.8. RELAY_HMAC Parameter > > > > >> > > > > >> As specified in Legacy ICE-HIP [RFC5770], the > > RELAY_HMAC > > > > parameter > > > > >> value has the TLV type

Re: [Hipsec] Benjamin Kaduk's No Objection on draft-ietf-hip-native-nat-traversal-28: (with COMMENT)

Hi Benjamin, thanks for the very detailed comments and apologies for my extremely slow reaction! My corrections are below. If you think I haven't addressed your concerns, please let me know. ke, 2018-05-09 kello 08:02 -0700, Benjamin Kaduk kirjoitti: > Benjamin Kaduk has entered the following

Re: [Hipsec] Alissa Cooper's No Objection on draft-ietf-hip-native-nat-traversal-28: (with COMMENT)

Hi Alissa, thanks for the comments. Let me know if you have further concerns, my corrections are listed below. ke, 2018-05-09 kello 08:39 -0700, Alissa Cooper kirjoitti: > Alissa Cooper has entered the following ballot position for > draft-ietf-hip-native-nat-traversal-28: No Objection > > When

Re: [Hipsec] Alissa Cooper's No Objection on draft-ietf-hip-native-nat-traversal-28: (with COMMENT)

Hi Alissa, ke, 2018-05-09 kello 08:39 -0700, Alissa Cooper kirjoitti: > Why is this document on the standards track when RFC 5770 was > experimental? I forgot to explain this. The reason was that the WG decided to push all of the experimental track work to standards track, including the earlier

Re: [Hipsec] Iotdir last call review of draft-ietf-hip-dex-11

Hi, (Robert, please double check if you agree with my comments) su, 2019-11-24 kello 22:38 -0800, Michael Richardson via Datatracker kirjoitti: > Reviewer: Michael Richardson > Review result: Ready > > I am the assigned IoT-Directorate reviewer for 1draft-ietf-hip-dex > I reviewed the -11

Re: [Hipsec] DNS considerations in draft-ietf-hip-native-nat-traversal

ff > > On 4/5/20, 6:20 AM, "Hipsec on behalf of Miika Komu" < > hipsec-boun...@ietf.org on behalf of > miika.komu=40ericsson@dmarc.ietf.org> wrote: > > Hi, > > during IESG review Magnus Westerlund asked about DNS support in > draft- >

Re: [Hipsec] DNS considerations in draft-ietf-hip-native-nat-traversal

an HIP/ a HIP/ > s/the the A/the A/ > > -Jeff > > On 4/5/20, 6:20 AM, "Hipsec on behalf of Miika Komu" < > hipsec-boun...@ietf.org on behalf of > miika.komu=40ericsson@dmarc.ietf.org> wrote: > > Hi, > > during IESG review Magnus Weste

  1   2   >