[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Ipsec] revised IPsec Architecture draft (2401bis)
Folks,
We just submitted 2401bis-02 to the IETF publications folks.
I went ahead and put in the proposed mod (for AH, ESP, and 2401bis
drafts) re: how to do SAD lookup in the presence of multicast SAs and
incorporated the latest feedback.
Several other items remain unfinished:
a. Resolution on how to handle fragments on the protected side
of the IPsec boundary -- We put in the proposed 3 approaches
but left the MAY/SHOULD question for approaches 2 and 3 open.
b. Addition of an Appendix with the rationale for (a) -- This
will be based on Steve's email and the subsequent list
discussion
c. Resolution on how to handle ICMP -- did not put anything
in in this section yet
d. Completion of the Appendix with the ASN.1 for an SPD entry
-- mostly done, but a few things need to be added.
Please note that while Steve provided input on most of the revisions,
he once again has maintained plausible deniability by going away on
travel/vacation. So he did not get to review this draft. (Of course,
if I'd gotten all the editing/nroffing done when I was supposed to,
he'd have had a chance to review it. So this is really my fault.)
Thank you,
Karen
_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec