[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

multi-layer IPSEC draft

To: ipsec@lists.tislabs.com, tf-esp@research.att.com
Subject: multi-layer IPSEC draft
From: Yongguang Zhang <ygz@hrl.com>
Date: Tue, 26 Oct 1999 19:15:44 -0700
In-Reply-To: <199910200150.VAA14041@tsx-prime.MIT.EDU>
Sender: owner-ipsec@lists.tislabs.com


Hi, all:

This draft is a follow-up of my short presentation in last IETF.
(I sent out last week but hasn't got response back from Internet-Draft.)
But it is also available from my web site:
http://www.wins.hrl.com/people/ygz/ml-ipsec/draft-zhang-ipsec-mlipsec-00.txt

To repeat the concept, multi-layer IPSEC applies separate 
encryption/authentication
with different keys on different parts of an IP datagram.  It allows certain
intermediate routers to have limited and controllable access to part of IP 
datagram
(usually headers) but not the user data, for applications like flow 
classification,
diffserv, TCPPEP, NAT, transparent proxy, etc. (and those "intelligent 
routing" that
need access to higher-layer protocol headers).

I'd like to hear your comments on this.

Regards,

Yongguang

References:

Call for Agenda Items

From: "Theodore Y. Ts'o" <tytso@MIT.EDU>

Prev by Date: Re: I-D ACTION:draft-ietf-ipsec-pki-req-03.txt
Next by Date: Re: Comments on CRACK
Prev by thread: Call for Agenda Items
Next by thread: I-D ACTION:draft-ietf-ipsec-isakmp-gss-auth-04.txt
Index(es):
- Main
- Thread