On Sep 17, 2009, at 5:33 AM, David Wierbowski wrote:
Section 3.1.5 of RFC 4945 states that when generating an ID type of
ID_DER_ASN1_DN that implementations MUST populate the contents of
ID with the Subject field from the end-entity certificate, and MUST
do so such that a binary
Indeed, the matter is strongly related with theoretical proof of evolution
of human intelligence.
Discussion of evolution of human intelligence is indeed a disucussion
about
THE NEXT OF COPENHAGEN INTERPRETATION.
// We should NOT let WIDE steal ideas. :-)
Indeed, it may be possible to
Gentlemen,
This is way out of scope of the IPsec mailing list. Please take this discussion
elsewhere.
Best regards,
Yaron
-Original Message-
From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On Behalf Of
Tadayuki Abraham HATTORI
Sent: Thursday, September 17,
Paul Hoffman writes:
Greetings again. This message starts the WG Last Call on
draft-ietf-ipsecme-aes-ctr-ikev2-02.txt. Please read the draft and
comment on the list whether or not you think it is ready for
standardization. We are particularly interested in hearing from
implementers who have
I've now done my AD review for draft-ietf-ipsecme-traffic-visibility-08.
I have two substantive comments, and a bunch of minor clarifications/nits.
The substantive comments first:
- A question: did the WG discuss the pros and cons of integrity
protecting the WESP header? (This does make WESP
At 2:23 PM +0300 9/17/09, Tero Kivinen wrote:
When reading the roadmap I noticed that camellia-ctr is also not
defined for IKEv2 SAs, so I was wondering if the text in this document
could be made generic enough so any counter mode cipher could be used.
It is not clear to me that future counter
At 3:51 PM +0300 9/16/09, Tero Kivinen wrote:
For example the text could look something like this:
--
Yoav, does Tero's proposed new text work for you?
--Paul Hoffman, Director
--VPN Consortium
The IESG has approved the following document:
- 'Redirect Mechanism for IKEv2 '
draft-ietf-ipsecme-ikev2-redirect-13.txt as a Proposed Standard
This document is the product of the IP Security Maintenance and Extensions
Working Group.
The IESG contact persons are Tim Polk and Pasi Eronen.
This is to begin a 2 week working group last call for
draft-ietf-ipsecme-esp-null-heuristics-01. The target status for this document
is Informational.
Please send your comments to the ipsec list by Oct. 1, 2009, as follow-ups to
this message.
Note that this document has had very little review
Yoav (and also Raj),
Thanks for the clarification. The text in 4301 makes sense. What I do not
agree with is the text in 4945 that requires implementations MUST be able
to perform matching based on a bitwise comparison of the entire DN in ID to
its entry in the SPD. I can agree with saying
By the time we re-spin RFC 4945, and I'm not saying that we will, it will look
silly specifying stuff for IKEv1, so that section will probably be omitted.
On Sep 17, 2009, at 11:48 PM, David Wierbowski wrote:
Yoav (and also Raj),
Thanks for the clarification. The text in 4301 makes sense.
11 matches
Mail list logo