[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fwd: RFC 2709 on Security for NAT Domains

To: ipsec@lists.tislabs.com
Subject: Fwd: RFC 2709 on Security for NAT Domains
From: Paul Hoffman <paul.hoffman@vpnc.org>
Date: Fri, 22 Oct 1999 09:38:33 -0700
Sender: owner-ipsec@lists.tislabs.com

This came out a few weeks ago but I didn't see anything on this list about it.

>To: IETF-Announce: ;
>Subject: RFC 2709 on Security for NAT Domains
>Cc: rfc-ed@ISI.EDU
>Date: Wed, 06 Oct 1999 11:21:52 -0700
>From: RFC Editor <rfc-ed@ISI.EDU>
>
>
>A new Request for Comments is now available in online RFC libraries.
>
>
>         RFC 2709:
>
>         Title:      Security Model with Tunnel-mode IPsec for NAT
>                     Domains
>         Author(s):  P. Srisuresh
>         Status:     Informational
>         Date:       October 1999
>         Mailbox:    srisuresh@lucent.com
>         Pages:      11
>         Characters: 24552
>         Updates/Obsoletes/See Also: None
>         I-D Tag:    draft-ietf-nat-security-02.txt
>
>         URL:        ftp://ftp.isi.edu/in-notes/rfc2709.txt
>
>
>There are a variety of NAT flavors, as described in [Ref 1]. Of the
>domains supported by NATs, only Realm-Specific IP clients are able
>to pursue end-to-end IPsec secure sessions. However, all flavors of
>NAT are capable of offering tunnel-mode IPsec security to private
>domain hosts peering with nodes in external realm. This document
>describes a security model by which tunnel-mode IPsec security can
>be architected on NAT devices. A section is devoted to describing
>how security policies may be transparently communicated to IKE (for
>automated KEY exchange) during Quick Mode. Also outlined are
>applications that can benefit from the Security Model described.
>
>This document is a product of the Network Address Translator (NAT)
>Domains' Working Group of the IETF.
>
>This memo provides information for the Internet community.  It does
>not specify an Internet standard of any kind.  Distribution of this
>memo is unlimited.
>
>This announcement is sent to the IETF list and the RFC-DIST list.
>Requests to be added to or deleted from the IETF distribution list
>should be sent to IETF-REQUEST@IETF.ORG.  Requests to be
>added to or deleted from the RFC-DIST distribution list should
>be sent to RFC-DIST-REQUEST@RFC-EDITOR.ORG.
>
>Details on obtaining RFCs via FTP or EMAIL may be obtained by sending
>an EMAIL message to rfc-info@RFC-EDITOR.ORG with the message body
>help: ways_to_get_rfcs.  For example:
>
>         To: rfc-info@RFC-EDITOR.ORG
>         Subject: getting rfcs
>
>         help: ways_to_get_rfcs
>
>Requests for special distribution should be addressed to either the
>author of the RFC in question, or to RFC-Manager@RFC-EDITOR.ORG.  Unless
>specifically noted otherwise on the RFC itself, all RFCs are for
>unlimited distribution.echo
>Submissions for Requests for Comments should be sent to
>RFC-EDITOR@RFC-EDITOR.ORG.  Please consult RFC 2223, Instructions to RFC
>Authors, for further information.
>
>
>Joyce K. Reynolds and Sandy Ginoza
>USC/Information Sciences Institute
>
>...
>
>Below is the data which will enable a MIME compliant Mail Reader
>implementation to automatically retrieve the ASCII version
>of the RFCs.
>Content-Type: text/plain
>Content-ID: <991006111836.RFC@RFC-EDITOR.ORG>
>
>RETRIEVE: rfc
>DOC-ID: rfc2709
>
><ftp://ftp.isi.edu/in-notes/rfc2709.txt>

Prev by Date: Re: ICMP{,v6} type/code as a selector...
Next by Date: comments on ip sec
Prev by thread: I-D ACTION:draft-keromytis-ipsp-arch-00.txt
Next by thread: comments on ip sec
Index(es):
- Main
- Thread