[IPsec] Proposed wording for a revised charter

2016-03-04 Thread Tero Kivinen
Paul Hoffman writes: > Greetings. We need to update our charter to reflect our current and > expected work. Dave and I propose the following text. Please let us know > within the next week if you have suggestions for changes. Should we add something about making the IKEv2 resistant to QC based

Re: [IPsec] WGLC on draft-ietf-ipsecme-ddos-protection-04

2016-03-04 Thread Paul Wouters
On Fri, 4 Mar 2016, Dr. Karan Verma wrote: [ Did this go way of-topic? This does not relate to DDOS at all? ] 1. The root CA certificate corresponding to the server certificate must be installed on the client computers in the Trusted Root Certification Authorities per-computer certificate

Re: [IPsec] WGLC on draft-ietf-ipsecme-ddos-protection-04

2016-03-04 Thread Paul Wouters
On Tue, Mar 1, 2016 at 9:03 PM, Waltermire, David A. (Fed) wrote: All: With the draft-ietf-ipsecme-ddos-protection-04 freshly minted, I believe the draft is shaping up nicely, but needs additional review. To that end, this message starts a Working

Re: [IPsec] draft-fluhrer-qr-ikev2-01

2016-03-04 Thread Scott Fluhrer (sfluhrer)
From: Valery Smyslov [mailto:sva...@gmail.com] Sent: Saturday, February 20, 2016 3:12 AM To: Scott Fluhrer (sfluhrer); ipsec@ietf.org Subject: Re: [IPsec] draft-fluhrer-qr-ikev2-01 Hi Scott, thank you for issuing a new version of the draft that addresses most of my comments on -00 version.

Re: [IPsec] Proposed wording for a revised charter

2016-03-04 Thread Paul Wouters
On Fri, 4 Mar 2016, Tommy Pauly wrote: I would also like to see the draft for TCP encapsulation added as an item, since we’ve gotten a fair amount of support for it. For the purposes of the charter, it may be good to have a broader explanation of the goal—something to the effect that the

Re: [IPsec] WGLC on draft-ietf-ipsecme-ddos-protection-04

2016-03-04 Thread Yoav Nir
> On 4 Mar 2016, at 7:02 PM, Tommy Pauly wrote: > > Hello Dave, > > I tend to agree with Paul that I find it unlikely, from an implementor’s > standpoint, that many Initiators will choose to implement the puzzle logic, > especially ones that are running on mobile devices.

Re: [IPsec] WGLC on draft-ietf-ipsecme-ddos-protection-04

2016-03-04 Thread Tommy Pauly
> On Mar 4, 2016, at 9:32 AM, Yoav Nir wrote: > >> >> On 4 Mar 2016, at 7:02 PM, Tommy Pauly wrote: >> >> Hello Dave, >> >> I tend to agree with Paul that I find it unlikely, from an implementor’s >> standpoint, that many Initiators will choose to

Re: [IPsec] Proposed wording for a revised charter

2016-03-04 Thread Tommy Pauly
I would also like to see the draft for TCP encapsulation added as an item, since we’ve gotten a fair amount of support for it. For the purposes of the charter, it may be good to have a broader explanation of the goal—something to the effect that the working group should focus on making sure

Re: [IPsec] WGLC on draft-ietf-ipsecme-ddos-protection-04

2016-03-04 Thread Tommy Pauly
Hello Dave, I tend to agree with Paul that I find it unlikely, from an implementor’s standpoint, that many Initiators will choose to implement the puzzle logic, especially ones that are running on mobile devices. It is unlikely that the phones will be able to solve the puzzles quickly enough