Skip to content

Commit 456d8ab

Browse files
klassertklassert
committed
Minor fixes.
1 parent 0a424e1 commit 456d8ab

File tree

1 file changed

+11
-7
lines changed

1 file changed

+11
-7
lines changed

eesp-ikev2.org

Lines changed: 11 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ Encapsulating Security Payload (ESP) defined in [RFC4303]. These
4646
improvements address evolving requirements in modern IPsec
4747
deployments. EESP offers increased flexibility for hardware
4848
offloads at the packet level. It supports carrying inner packet flow
49-
identifiers foe the use with ECMP, RSS hardware, and IPsec peers
49+
identifiers for the use with ECMP, RSS hardware, and IPsec peers
5050
prior to decryption. EESP also enables the establishment of Sub Child
5151
SAs with independent sequence number spaces. Additionally, it
5252
supports the use of 64-bit sequence numbers in each packet or the
@@ -63,9 +63,13 @@ EESP specific transform properties and properties.
6363
The extensions defined here enable EESP SAs to coexist with ESP SAs
6464
in stateful decryption configurations, sharing a common SPI namespace
6565
while introducing new capabilities to enhance IPsec’s performance
66-
and versatility in modern use cases. By starting with the SPI in the
67-
Base Header, EESP maintains compatibility with existing ESP UDP
68-
encapsulation formats, simplifying integration.
66+
and versatility in modern use cases.
67+
68+
# XXX: This changed in the EESP draft!
69+
#
70+
# By starting with the SPI in the
71+
# Base Header, EESP maintains compatibility with existing ESP UDP
72+
# encapsulation formats, simplifying integration.
6973

7074
This document does not obsolete or update any existing RFCs. While
7175
stateless implementations of EESP are referenced, their negotiation,
@@ -278,7 +282,7 @@ cryptographers one method will be chosen.
278282
The requirements:
279283
- Independent keys for each Sub SA
280284
- Ability to derive Sub SA keys on the fly with least amount of memory usage
281-
- Minimal meomory requirements
285+
- Minimal memory requirements
282286
- Keyderviation support multiple SAs, such as EESP, AH
283287

284288
**** Iterative key derivation
@@ -330,9 +334,9 @@ iterative feedback mode.
330334
**** Hierarchical key derivation
331335

332336
Hierarchical key derivation use Sub SA ID, which is carried in EESP
333-
Seesion ID or in EESP Flow ID(TLV), as an input the key dervivation.
337+
Seesion ID or in EESP Flow ID(TLV), as an input to the key dervivation.
334338

335-
Two KDF are propsed below and eventully choose one of them.
339+
Two KDF are propsed below and eventually choose one of them.
336340

337341
KEYMAT = prf+(SK_child, Sub SA ID)
338342

0 commit comments

Comments
 (0)