From 8882dd4f3e963c872c1a5ae0e7be362db1162487 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Wed, 9 Jul 2025 18:05:36 +0200 Subject: [PATCH 1/2] Fix formatting and typo in Sub SA text --- eesp-ikev2.org | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/eesp-ikev2.org b/eesp-ikev2.org index a1543c9..fe316db 100644 --- a/eesp-ikev2.org +++ b/eesp-ikev2.org @@ -489,7 +489,7 @@ Note that this is not a negotiation: each side can indicate its own value for the maximum Sub SA ID. In addition, sending side is not required to consume all possible Sub SA IDs up to the indicated maximum value - it can create fewer Sub SAs. In any case, when -creating Sub SAs as a sender an endpoint nas to consider that Sub SA +creating Sub SAs as a sender an endpoint has to consider that Sub SA IDs MUST NOT repeat for a given EESP SA and MUST NOT exceed the value sent by the peer in this notification. The actual number of Sub SAs can be different in different directions. @@ -516,8 +516,7 @@ is shown below. - Protocol ID (1 octet) - MUST be 0. MUST be ignored if not 0. - SPI Size (1 octet) - MUST be 0. MUST be ignored if not 0. -- Notify Status Message Type (2 octets) - set to EESP_MAX_SUB_SA_ID -(). +- Notify Status Message Type (2 octets) - set to EESP_MAX_SUB_SA_ID (). # [VS] Why it is 16-bit and not 32-bit in size? - Maximum Sub SA ID (2 octets, integer in network byte order) -- specifies the maximum value for the EESP Sub SA ID the @@ -530,9 +529,9 @@ field means that only one Sub SA (with Subs SA ID = 0) can be handled. If a peer doesn't have any restrictions on the number of the incoming -Sub SAs, then it MAY omit sending this notification. As a consequence -- if no this notification was received by a peer, that peer can -assume that it create as many outgoing Sub SAs as it needs (provided +Sub SAs, then it MAY omit sending this notification. As a consequence, +if this notification was not received by a peer, that peer can assume +that it can create as many outgoing Sub SAs as it needs (provided that Sub SA IDs not repeat). If no SSKDF transform was negotiated, this notification MUST be From 80e02497add8f3de81a6236f9598321c82137579 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Wed, 9 Jul 2025 18:11:40 +0200 Subject: [PATCH 2/2] README: Fix typo and list item for diff --- README.org | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.org b/README.org index d7a4396..b1e2395 100644 --- a/README.org +++ b/README.org @@ -8,7 +8,7 @@ This is the working area for the individual Internet-Draft, "EESP IKEv2". This README provides information about the ~IKEv2 negotiation for Enhanced Encapsulating Security Payload (EESP)~ draft document. -* Laest Copy +* Latest Copy The latest version of the draft in HTML format is at: - [[https://klassert.github.io/eesp-ikev2/draft-ietf-ipsecme-eesp-ikev2-latest.html][Editor's Copy]] # above URL is replaced by .github/workflows/generate.yaml @@ -17,7 +17,7 @@ The latest version of the draft in HTML format is at: * IETF Datatracker Copy of IKEv2 EESP I.D. - [[https://datatracker.ietf.org/doc/draft-ietf-ipsecme-eesp-ikev2/][IETF Datatracker: draft-ietf-ipsecme-eesp-ikev2]] -* [[https://author-tools.ietf.org/api/iddiff?doc_1=draft-ietf-ipsecme-eesp-ikev2&url_2=https://raw.githubusercontent.com/klassert/eesp-ikev2/refs/heads/gh-pages/draft-ietf-ipsecme-eesp-ikev2-latest.txt][diff with latest submission]] +- [[https://author-tools.ietf.org/api/iddiff?doc_1=draft-ietf-ipsecme-eesp-ikev2&url_2=https://raw.githubusercontent.com/klassert/eesp-ikev2/refs/heads/gh-pages/draft-ietf-ipsecme-eesp-ikev2-latest.txt][Diff with latest submission]] * References For more detailed information, refer to the following resources: