Dear Experts, this revised version addressed the following concern from Paul Wouters, thank you all for your interests and time, and do welcome your further comments and suggestion.
Concerns from Paul Wouters: - What if a malicious entity able to filter on path would "fragment" the packet into tiny bits. It would reduce the MTU of the IPsec link to unhealthy size. There should be a minimum defined. - As paths over the internet change, this draft can kick in to reduce the size, but I see no method to go back to a larger size once the path between the endpoints recovers again. - How does this interact with ESP padding ? Brs -----Original Message----- From: internet-dra...@ietf.org <internet-dra...@ietf.org> Sent: Tuesday, March 29, 2022 11:25 AM To: Congjie Zhang <congjie.zh...@ericsson.com>; Harold Liu <harold....@ericsson.com>; Daniel Migault <daniel.miga...@ericsson.com>; Renwang Liu <renwang....@ericsson.com> Subject: New Version Notification for draft-liu-ipsecme-ikev2-mtu-dect-01.txt A new version of I-D, draft-liu-ipsecme-ikev2-mtu-dect-01.txt has been successfully submitted by Daiying Liu and posted to the IETF repository. Name: draft-liu-ipsecme-ikev2-mtu-dect Revision: 01 Title: IKEv2 MTU Detection Extension Document date: 2022-03-28 Group: Individual Submission Pages: 9 URL: https://www.ietf.org/archive/id/draft-liu-ipsecme-ikev2-mtu-dect-01.txt Status: https://datatracker.ietf.org/doc/draft-liu-ipsecme-ikev2-mtu-dect/ Htmlized: https://datatracker.ietf.org/doc/html/draft-liu-ipsecme-ikev2-mtu-dect Diff: https://www.ietf.org/rfcdiff?url2=draft-liu-ipsecme-ikev2-mtu-dect-01 Abstract: This document defines the Internet Key Exchange Version 2 (IKEv2) allowed Maximum Transmission Unit (MTU) extension that enables to automatically detect MTU allowed on forwarding path of each IKEv2 session to prevent Encapsulating Security Payload (ESP) packets from being fragmented. The IETF Secretariat _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
