[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Ipsec] revised IPsec Architecture draft (2401bis)



Folks,

We just submitted 2401bis-02 to the IETF publications folks.

I went ahead and put in the proposed mod (for AH, ESP, and 2401bis 
drafts) re: how to do SAD lookup in the presence of multicast SAs and 
incorporated the latest feedback.

Several other items remain unfinished:
	a. Resolution on how to handle fragments on the protected side
	   of the IPsec boundary -- We put in the proposed 3 approaches
	   but left the MAY/SHOULD question for approaches 2 and 3 open.
	b. Addition of an Appendix with the rationale for (a) -- This
	   will be based on Steve's email and the subsequent list
	   discussion
	c. Resolution on how to handle ICMP -- did not put anything
	   in in this section yet
	d. Completion of the Appendix with the ASN.1 for an SPD entry
	   -- mostly done, but a few things need to be added.

Please note that while Steve provided input on most of the revisions, 
he once again has maintained plausible deniability by going away on 
travel/vacation.  So he did not get to review this draft. (Of course, 
if I'd gotten all the editing/nroffing done when I was supposed to, 
he'd have had a chance to review it. So this is really my fault.)

Thank you,
Karen

_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec