The new RFC5201-bis [1] draft implements the following changes,
discussed on the list:
o Clarify that receipt of user data in state CLOSING (Table 7)
results in transition to I1-SENT
o Add academic reference for the first mention of the RSA algorithm
o As part of comment resolution on the use of NULL encryption, note that
a NULL HIP_CIPHER is only to be used when debugging and testing the
HIP protocol. This only pertains to the ENCRYPTED parameter, which is
optional; in practice, if encryption is not desired, it is better to
simply not encrypt the Host ID.
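The following is an added example, not text or code from the draft or the working group: a small HIP_CIPHER TLV encoder/decoder plus a cipher-selection routine that treats NULL-ENCRYPT as a debug-only option, so that an operational host never negotiates it even when a peer lists it first. The Parameter Type values 579 (HIP_CIPHER) and 577 (HIP_TRANSFORM, v1 only) are the ones named in item 5 below; the Cipher ID numbers and the 8-octet padding rule are assumed from the HIP v2 base specification as I recall it and should be checked against the published text. The `allow_null` knob and the sample parameter bytes are constructed for the example.

```python
import struct

# Added example; not the draft's own code. 579/577 are named in the message;
# the Cipher ID numbers below are assumed from the HIP v2 registry
# (NULL-ENCRYPT=1, AES-128-CBC=2, AES-256-CBC=4) and should be verified.
HIP_CIPHER_TYPE = 579
HIP_TRANSFORM_TYPE = 577          # v1 only; a v2 parser must not treat it as a cipher list
CIPHER_NULL_ENCRYPT = 1
CIPHER_AES_128_CBC = 2
CIPHER_AES_256_CBC = 4
CIPHER_NAMES = {1: "NULL-ENCRYPT", 2: "AES-128-CBC", 4: "AES-256-CBC"}
MAX_CIPHER_IDS = 6                # HIP_CIPHER carries at most six Cipher IDs


def build_hip_cipher(cipher_ids):
    """Encode a HIP_CIPHER TLV: Type, Length (contents only), 16-bit IDs, pad to 8 octets."""
    if not 1 <= len(cipher_ids) <= MAX_CIPHER_IDS:
        raise ValueError("HIP_CIPHER must carry 1..6 Cipher IDs")
    contents = struct.pack("!%dH" % len(cipher_ids), *cipher_ids)
    tlv = struct.pack("!HH", HIP_CIPHER_TYPE, len(contents)) + contents
    return tlv + b"\x00" * (-len(tlv) % 8)


def parse_hip_cipher(buf):
    """Decode a HIP_CIPHER TLV; return Cipher IDs in the sender's preference order."""
    if len(buf) < 4:
        raise ValueError("truncated TLV header")
    ptype, plen = struct.unpack("!HH", buf[:4])
    if ptype == HIP_TRANSFORM_TYPE:
        raise ValueError("HIP_TRANSFORM (577) is HIP v1 only; expected HIP_CIPHER (579)")
    if ptype != HIP_CIPHER_TYPE:
        raise ValueError("unexpected parameter type %d" % ptype)
    # Length excludes Type, Length and padding; the on-wire TLV is padded to 8 octets.
    padded = 4 + plen + (-(4 + plen) % 8)
    if len(buf) < padded:
        raise ValueError("TLV shorter than its declared (padded) length")
    if plen % 2 or not 1 <= plen // 2 <= MAX_CIPHER_IDS:
        raise ValueError("Cipher ID list must be 1..6 16-bit IDs, got %d octets" % plen)
    return list(struct.unpack("!%dH" % (plen // 2), buf[4:4 + plen]))


def select_cipher(offered, supported, allow_null=False):
    """Pick the first offered Cipher ID we support.

    NULL-ENCRYPT is skipped unless allow_null is set; allow_null is an assumed
    debug/test switch that an operational host should leave at False.
    """
    for cid in offered:
        if cid == CIPHER_NULL_ENCRYPT and not allow_null:
            continue
        if cid in supported:
            return cid
    return None


# Constructed sample: a responder that lists NULL-ENCRYPT first, then AES-128-CBC.
SAMPLE_R1_HIP_CIPHER = build_hip_cipher([CIPHER_NULL_ENCRYPT, CIPHER_AES_128_CBC])

if __name__ == "__main__":
    offered = parse_hip_cipher(SAMPLE_R1_HIP_CIPHER)
    print("offered:", [CIPHER_NAMES.get(c, c) for c in offered])
    chosen = select_cipher(offered, {CIPHER_AES_128_CBC, CIPHER_AES_256_CBC, CIPHER_NULL_ENCRYPT})
    print("chosen:", CIPHER_NAMES[chosen])
```

The design point is that the policy lives in `select_cipher`, not in the parser: the parser accepts whatever the peer sends, and the host-side preference logic decides that a NULL cipher is only acceptable when a test configuration explicitly enables it.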
I believe that the open issue on NULL encryption as an MTI (DISCUSS) on
RFC5202-bis [2] (also updated today) is now closed, and the following
items remain on RFC5201-bis:
1) proposal to address possibility of a plaintext attack:
http://trac.tools.ietf.org/wg/hip/trac/ticket/42
I am not sure whether there is support, or a concrete text proposal,
for changing this?
2) proposal to add support for 2048-bit DHE (discussed on the list this
week)
http://trac.tools.ietf.org/wg/hip/trac/ticket/46
The current proposal is to add support for this in the next version,
unless further comments are received.
3) update Appendix C example packet
http://trac.tools.ietf.org/wg/hip/trac/ticket/50
4) tracking considerations for HIP
http://trac.tools.ietf.org/wg/hip/trac/ticket/47
Stephen most recently said:
"However, I won't press this if you don't wanna go there now - it'd
be a large enough change and would probably take time.
I'll clear this one and if the WG want they can decide to pursue
that goal."
So perhaps this should serve as a last call on this issue: does anyone
in the WG want to pursue a change in this area?
5) I just noticed this suggestion from Barry Leiba and will pick it up
in version 18:
In the IANA Considerations, similar to what was done for R1_COUNTER, I
suggest this:
OLD
A new value (579) for a new Parameter Type HIP_CIPHER should be
added, with reference to this specification. This Parameter Type
functionally replaces the HIP_TRANSFORM Parameter Type (value 577)
which can be left in the table with existing reference to
[RFC5201].
NEW
A new value (579) for a new Parameter Type HIP_CIPHER should be
added, with reference to this specification. This Parameter Type
functionally replaces the HIP_TRANSFORM Parameter Type (value 577)
which can be left in the table with existing reference to
[RFC5201]. For clarity, we recommend that the name for the
value 577 be changed from "HIP_TRANSFORM" to "HIP_TRANSFORM
(v1 only)".
END
- Tom
[1] http://www.ietf.org/internet-drafts/draft-ietf-hip-rfc5201-bis-17.txt
[2] http://www.ietf.org/internet-drafts/draft-ietf-hip-rfc5202-bis-07.txt
_______________________________________________
Hipsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/hipsec