Hi Kathleen, Yes, this is referring to how the existing NAT detection works in IKEv2:
https://tools.ietf.org/html/rfc7296 Section 2.23. NAT Traversal o The data associated with the NAT_DETECTION_SOURCE_IP notification is a SHA-1 digest of the SPIs (in the order they appear in the header), IP address, and port from which this packet was sent. We can add a pointer to the section of the RFC. Thanks, Tommy > On Mar 9, 2017, at 9:39 AM, Kathleen Moriarty > <kathleen.moriarty.i...@gmail.com> wrote: > > Hello, > > Thank you for your work on draft-ietf-ipsecme-tcp-encaps. It's a well > written draft and I just have one question. > > Section 7: Why is SHA-1 used? If this is a result of the protocol and > prior RFCs, please include a reference. And an explanation on list > would be helpful (pointer is fine if this was already discussed. > > > > -- > > Best regards, > Kathleen > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
