[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPng and security

To: big-Internet@munnari.oz.au
Subject: Re: IPng and security
From: glenn@osi.ncsl.nist.gov (Robert Glenn)
Date: Tue, 12 Apr 1994 08:34:12 -0400 (EDT)
Cc: ipsec@ans.net, tuba@lanl.gov, glenn@osi.ncsl.nist.gov




There has been some recent discussion suggesting that the TUBA WG has
taken a passive view on IPng security concerns.  For example, at the
SAAG meeting it was initially assumed that TUBA was going to use ISO
NLSP to provide security services.  As pointed out in "TUBA as IPng: A
White Paper", we've been actively participating in the IPSEC WG to
contribute to the development of an IPv4 security protocol that
would/could also be used to provide the same security services for
CLNP, figuring that a common security protocol could only benefit the
transition from IPv4 to IPng.

Due to the approaching July "decision point" and the lack of closure in
the IPSEC WG, I've drafted a security protocol for TUBA based on the
requirements and work that has already been accomplished by IPSEC.  The
initial premise used to devise this protocol was to keep it as simple
as possible and only address those security concerns that, 1) could be
effectively addressed by a network layer security protocol, and 2)
provided protection for the areas that require security the most.  By
following this approach, a secure encapsulation protocol for CLNP and
IPv4 to provide confidentiality and integrity has been drafted.  As
soon as the draft is finished it will be posted as an I-D.

Next by Date: Encrypting tunnel negotiation protocol
Next by thread: Encrypting tunnel negotiation protocol
Index(es):
- Main
- Thread