Re: [IPsec] Call for adoption on draft-fluhrer-qr-ikev2 as an IPSecME WG document

2016-06-30 Thread Waltermire, David A. (Fed)
Could multiple identifier aliases be used to provide different ids for the same key? This could help preserve anonymity until all id aliases are exhausted. By providing enough aliases, the same key can be reused multiple times until the aliases run out. Dave

Re: [IPsec] [I2nsf] How does Overlay Network inform the Underlay network on which flows among Overlay network nodes need to go through IPSec Tunnel? (was : Flow Security Policies exchanged over I2NSF

2016-06-30 Thread Sowmini Varadhan
Hi, sorry for the delay in response, needed some time to go over the draft carefully. Here are some comments. > 1. Introduction : >.. In this sense, it will provision the required >parameters to create valid entries in the Security Association >Database (SAD), which we

Re: [IPsec] Review of draft-ietf-ipsecme-ddos-protection-06

2016-06-30 Thread Valery Smyslov
Hi Paul, thank you for part two of your review. This is part two of my review. I do think the document needs some work moving text to better locations and I have some questions I would like to see resolved. I wrote down some nits but stopped doing that in the end because I think chunks of text

Re: [IPsec] Call for adoption on draft-fluhrer-qr-ikev2 as an IPSecME WG document

2016-06-30 Thread Paul Wouters
On Thu, 30 Jun 2016, Rodney Van Meter wrote: I think it’s pretty clear that a mechanism for using keys created in some out-of-band fashion for keying symmetric encryption methods, such as AES, is valuable. Yes. Neither Shota nor I have sat down and reviewed this in detail, so I can’t

Re: [IPsec] Call for adoption on draft-fluhrer-qr-ikev2 as an IPSecME WG document

2016-06-30 Thread Rodney Van Meter
> On Jun 29, 2016, at 3:12 AM, Waltermire, David A. (Fed) > wrote: > > This has been a good discussion so far. There is work to be done to address > the issues raised. > > Getting back to the call for adoption, I'd like to see feedback on the > following questions

Re: [IPsec] Review of draft-ietf-ipsecme-ddos-protection-06

2016-06-30 Thread Paul Wouters
On Tue, 28 Jun 2016, Valery Smyslov wrote: This is part two of my review. I do think the document needs some work moving text to better locations and I have some questions I would like to see resolved. I wrote down some nits but stopped doing that in the end because I think chunks of text shoud

Re: [IPsec] Review of draft-ietf-ipsecme-ddos-protection

2016-06-30 Thread Valery Smyslov
Hi Dave, thank you for your review. I just completed a review of the DDoS draft. I fixed a number of grammar and wording issues. I would like to issue a pull request, but I don't have access to the site yet. I hope to get that resolved ASAP and then submit the pull request. While I was