Hi Paul, The bare minimal implementation of IKEv2 and IPsec/ESP have been proposed in lwig WG: draft-ietf-lwig-ikev2-minimal-01.txt <https://tools.ietf.org/html/draft-ietf-lwig-ikev2-minimal-01> and draft-mglt-lwig-minimal-esp-01.txt <http://www.ietf.org/archive/id/draft-mglt-lwig-minimal-esp-01.txt>
Diet-ESP is definitely not "tweaking a byte here and there". Instead, it combines ROHC ROHCoverIPsec and IPsec/ESP. This provides the necessary flexibility to provide the appropriated security in any situation. I appreciate you provide feed back, however, I need more technical argument to make you less nervous. BR, Daniel BR, Daniel On Tue, Feb 17, 2015 at 7:32 PM, Paul Wouters <p...@nohats.ca> wrote: > On Tue, 17 Feb 2015, Hannes Tschofenig wrote: > > If there is indeed a need for IPsec ESP use in IoT then I am not sure >> that the proposed optimizations are so useful given the impact for >> security. >> > > I agree. I think it would be very useful to describe a barebones minimal > IKEv2 feature set and even an ESP minimal set for such use, but tweaking > a byte here and there of the ESP protocol parameters makes we very > nervous. > > Paul > -- Daniel Migault Ericsson
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec