Hi, I updated the RFC5202-bis to -02 and the current pre-version can be found from:
http://jokela.org/ietf/draft-jokela-rfc5202-bis-02-pre1.txt The IESG note is not visible in that. The note said: In case of complex Security Policy Databases (SPDs) and the co-existence of HIP and security-related protocols such as IKE, implementors may encounter conditions that are unspecified in these documents. For example, when the SPD defines an IP address subnet to be protected and a HIP host is residing in that IP address area, there is a possibility that the communication is encrypted multiple times. Readers are advised to pay special attention when running HIP with complex SPD settings. Future specifications should clearly define when multiple encryption is intended, and when it should be avoided. The issue was fixed in the already expired draft version -01 (see section 3.4). The BEET mode was also added as an appendix (B) in the earlier version. I made some small modifications to the author list in this new -02 (Pekka wanted to be delisted) and acknowledgements (Pekka's contribution added). Any comments? Petri -- Petri Jokela Research scientist NomadicLab, Ericsson Research Oy L M Ericsson Ab E-mail: [email protected] Mobile: +358 44 299 2413 _______________________________________________ Hipsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/hipsec
