Hi,
On 28/01/12 08:54, Petri Jokela wrote:
Hi,
I updated the RFC5202-bis to -02 and the current pre-version can be
found from:
http://jokela.org/ietf/draft-jokela-rfc5202-bis-02-pre1.txt
The IESG note is not visible in that. The note said:
In case of complex Security Policy Databases (SPDs) and the
co-existence of HIP and security-related protocols such as IKE,
implementors may encounter conditions that are unspecified in these
documents. For example, when the SPD defines an IP address subnet to
be protected and a HIP host is residing in that IP address area,
there is a possibility that the communication is encrypted multiple
times. Readers are advised to pay special attention when running HIP
with complex SPD settings. Future specifications should clearly
define when multiple encryption is intended, and when it should be
avoided.
The issue was fixed in the already expired draft version -01 (see
section 3.4). The BEET mode was also added as an appendix (B) in the
earlier version. I made some small modifications to the author list
in this new -02 (Pekka wanted to be delisted) and acknowledgements
(Pekka's contribution added).
Any comments?
seems ok to me.
_______________________________________________
Hipsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/hipsec
