Re: [IPsec] FW: New Version Notification fordraft-mglt-ipsecme-implicit-iv-01.txt

Mon, 10 Oct 2016 00:06:03 -0700 

Hi Daniel,

I think you should add a text in the Security Considerations that these
transforms MUST NOT be used in situations where there is a chance that
Sequence Numbers repeat. The most prominent example where it can happen -
multicast ESP SA with multiple senders.

Regards,
Valery.



Hi,
Based on the feed backs and the discussions from the previous IETF, see the updated version of our draft. We believe the document is in good shape to become a WG document. 

Feel free to support the draft and as usually, comments are welcome!

BR,
Daniel

-----Original Message-----
From: internet-dra...@ietf.org [mailto:internet-dra...@ietf.org]
Sent: Saturday, October 08, 2016 7:15 PM
To: Tobias Guggemos <tobias.gugge...@gmail.com>; Yoav Nir <ynir.i...@gmail.com>; Daniel Migault <daniel.miga...@ericsson.com> 
Subject: New Version Notification for draft-mglt-ipsecme-implicit-iv-01.txt


A new version of I-D, draft-mglt-ipsecme-implicit-iv-01.txt
has been successfully submitted by Daniel Migault and posted to the IETF 
repository.

Name: draft-mglt-ipsecme-implicit-iv
Revision: 01
Title: Implicit IV for Counter-based Ciphers in IPsec
Document date: 2016-10-08
Group: Individual Submission
Pages: 6
URL:            
https://www.ietf.org/internet-drafts/draft-mglt-ipsecme-implicit-iv-01.txt
Status:         https://datatracker.ietf.org/doc/draft-mglt-ipsecme-implicit-iv/
Htmlized:       https://tools.ietf.org/html/draft-mglt-ipsecme-implicit-iv-01
Diff:           
https://www.ietf.org/rfcdiff?url2=draft-mglt-ipsecme-implicit-iv-01

Abstract:
  IPsec ESP sends an initialization vector (IV) or nonce in each
  packet, adding 8 or 16 octets.  Some algorithms such as AES-GCM, AES-
  CCM, AES-CTR and ChaCha20-Poly1305 require a unique nonce but do not
  require an unpredictable nonce.  When using such algorithms the
  packet counter value can be used to generate a nonce, saving 8 octets
  per packet.  This document describes how to do this.
Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. 

The IETF Secretariat

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec 

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec

Reply via email to