On Wed, May 11, 2022 at 4:48 PM Robert Moskowitz wrote:
> Continuing at sec 6.1:
>
> Skipping 6.2 for now, as it will not be used for current use case (I
> realize I may have one for Manned Aircraft).
>
> Good til 7.2, then skipping 7.2 and 7.3 for now.
>
> I like 7.4 in that UDP gets compressed to zero bytes. And the way you
> have constructed diet-esp to include transport, a separate SCHC rule for
> transport is not needed. Now if the payload is CoAP, then things will
> be different. Per RFC 8824.
>
> Skip 7.5 and 7.6
>
> Sec 11:
>
> Security Parameter Index (SPI):
>    Until Diet-ESP is not deployed outside the scope of IoT and small
>    devices,
>
>
> r/ not / /
>
> changed
> ?
>
> What is that not doing there?
>
> Sequence Number (SN): If incremented for each ESP packet, the SN may
>    leak some information like the amount of transmitted data or the
>    age of the sensor.
>
> If 2 bytes of SN are sent using a counter, there is little to no leakage
> of sensor age.
>
> If little traffic from sensor then only 1 byte may be better for this
> purpose.
>
> I just don't see this as a risk if care is taken. You may want to say
> this.
>
> I added a sentence in the security consideration. Thanks for the
> suggestion.
> Finally where is the open source code available?
>
> You need a UDP app in transport mode example in App 1. :)
>
> If you get this draft active, I will work on providing that example. ;)
>
> sure, I will publish an updated version very soon.
>
> thanks.
>
> ___
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
>
--
Daniel Migault
Ericsson
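
The sequence-number point discussed above, as an added example that is not part of the thread or of the Diet-ESP draft: it shows what an on-path observer sees when only the low-order bytes of the 32-bit ESP SN are sent, and how a receiver can rebuild the full value. The function names, the REORDER window and the "lowest match at or above the window edge" rule are assumptions made for illustration, not the draft's algorithm.

```python
# Added illustration. Names, REORDER and the reconstruction rule are
# assumptions, not taken from the Diet-ESP draft.

REORDER = 32  # assumed: how far behind the last accepted SN a packet may arrive


def compress_sn(sn: int, lsb_bytes: int) -> bytes:
    """Sender: keep only the low-order bytes of the 32-bit ESP SN."""
    if not 1 <= lsb_bytes <= 4:
        raise ValueError("lsb_bytes must be between 1 and 4")
    return (sn & ((1 << (8 * lsb_bytes)) - 1)).to_bytes(lsb_bytes, "big")


def observed_count(wire: bytes) -> int:
    """On-path observer: the only packet count readable from the wire."""
    return int.from_bytes(wire, "big")


def decompress_sn(wire: bytes, last_sn: int) -> int:
    """Receiver: rebuild the full SN from its low-order bytes.

    Picks the single value inside [base, base + 2**bits) whose low bits
    match the wire value, where base trails the last accepted SN by REORDER.
    """
    modulus = 1 << (8 * len(wire))
    lsb = int.from_bytes(wire, "big")
    base = max(0, last_sn + 1 - REORDER)      # lower edge of the window
    candidate = base - (base % modulus) + lsb
    if candidate < base:                      # low bits wrapped past the edge
        candidate += modulus
    return candidate


if __name__ == "__main__":
    sn = 1_000_000  # constructed value: a sensor that has sent a million packets
    for n in (4, 2, 1):
        wire = compress_sn(sn, n)
        print(n, "byte(s): observer sees", observed_count(wire),
              "receiver rebuilds", decompress_sn(wire, sn - 1))
    # Failure mode: a gap longer than the window defeats a 1-byte SN.
    print("after a 300-packet gap:", decompress_sn(compress_sn(400, 1), 100))
```

With one byte on the wire the receiver's window is only 256 values wide, so a loss burst longer than 256 minus REORDER packets is rebuilt to the wrong SN; the ESP integrity check then fails and the packet is dropped instead of being accepted.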