On Mon, 18 Jul 2022, Daniel Migault wrote:
My reading of the datatracker is that the document in IESG Evaluation::AD
Followup for 117 days. I do not see any follow-up with the following email from
may 25 with the latest changes and believe all concerns have been addressed. I
am wondering what prevents the document from being sent to the RFC queue
and if there is anything expected from my side.
See my last email to you:
Date: Tue, 24 May 2022 11:27:28
From: Paul Wouters <p...@nohats.ca>
To: Daniel Migault <mglt.i...@gmail.com>
Subject: draft-ietf-lwig-minimal-esp
Hi Daniel,
Just a reminder that draft-ietf-lwig-minimal-esp is waiting on actions
on your end to resolve the DISCUSS items. While discussing in github is
useful, in the end the changes do need to go into a new draft version
for the DISCUSS holders to evaluate them.
I think the biggest unresolved issue is the SPI one with using just a
few bytes and the "indexing" that I still do not understand.
Paul
The limited SPI numbers and rekeying is still not clear to me.
We exchanged a few emails but that did not result in me understanding
this.
The sequence number discussion mentions the issue of packets falling
out of the receive window. We talked about an IKE option/notify to
signal this and during that discussion it also came to light that this
protocol is going to be used without IKEv2. This leaves an
interoprability unaddressed.
And since this protocol is also meant to run without IKEv2, there is
an issue of only recommending AEAD algorithms that rely on IKEv2 for
its security properties.
Section 6 talks about Dummy packets but the labeling of the header
is a bit misleading into thinking the Next Header behaviour is
modified. I had suggested the section to be renamed.
Please find my response to your comments. The current version of the file
integrates the language changes as well as changes to address the concerns
of this thread:
https://github.com/mglt/draft-mglt-lwig-minimal-esp/commit/d7710c19802bdce4c978d71ad303b739e1406f1e
We ended up discussing this in email, but that did not end in my
understanding. Also, the above commit did not actually make it
into the draft yet. It is very hard as AD to keep track of changes
that are not in the actual datatracker.
Paul
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
