Greetings. We are having our face-to-face meeting in a week;
https://datatracker.ietf.org/meeting/89/agenda/ipsecme/
So far, I have received no slides. I would like to.
--Paul Hoffman
___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/l
Paul,
On Wed, 26 Feb 2014, Valery Smyslov wrote:
It is for systems that don't implement AH. We should probably say
this explicitly in section 3.
I don't think it is limited for those systems only.
You may implement AH, but yon cannot use it
everywhere, as it is not compatible with NATs.
And E
Paul,
On Feb 25, 2014, at 8:48 PM, Yaron Sheffer
wrote:
Hi, this is to start a 2-week working group last call on the revised
Algorithm Implementation Requirements
document, ending March 11. The draft is at:
http://tools.ietf.org/html/draft-ietf-ipsecme-esp-ah-reqts-01. We
should have last c
A process note: even though this is IETF Last Call, WG members are still
encouraged to comment on the draft. That is, just because we already finished
WG LC, that doesn't mean you should not read the draft again and make any
helpful comments on i...@ietf.org or to the IESG.
--Paul Hoffman
On F
On Wed, 26 Feb 2014, Valery Smyslov wrote:
It is for systems that don't implement AH. We should probably say this
explicitly in section 3.
I don't think it is limited for those systems only.
You may implement AH, but yon cannot use it
everywhere, as it is not compatible with NATs.
And ESP-NULL
The IESG has received a request from the IP Security Maintenance and
Extensions WG (ipsecme) to consider the following document:
- 'IKEv2 Fragmentation'
as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substan
(Hats off)
+1 on making single-DES CBC a MUST NOT.
Yaron
Why is DES-CBC a SHOULD NOT+ instead of a MUST NOT? Is there any sane
modern IKE daemon that allows 1DES (or modp768)
The WG has never voiced a MUST NOT for this before. I'm fine with making that
change if no one objects.
