Re: [IPsec] [multipathtcp] IPsec multihoming and mobility

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [IPsec] [multipathtcp] IPsec multihoming and mobility

To: Michael Tüxen <Michael.Tuexen at lurchi.franken.de>
Subject: Re: [IPsec] [multipathtcp] IPsec multihoming and mobility
From: Daniel Migault <mglt.ietf at gmail.com>
Date: Thu, 5 Nov 2009 15:48:56 +0100
Cc: ipsec at ietf.org, multipathtcp at ietf.org, mif at ietf.org
Delivered-to: ipsec at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=UosYlT4cHZFLu8YCDFkE/F3I0RvHsKXU2hoMJVh1X24=; b=pngIvEJ9EKW2WCeqnPdbP9qyOxhyHLI1a74vJHv/UFfgbm6Z4SRZX2QoFS7Cts/lHD /fB21F5foWL0iXsoyhmMCTyX2dEIylbAevSBklGb6xJ9zszuqMPicOs/eztZ1ZD8iEOQ q1XBPBP6cNalDEWtag8wTQhxthF7Xtp4kDtoE=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=j65pGnmFugRE44wPvn8be8OVe08ldZqqtH1UBzko/l/WI9GzTcz+BeN8n4ucFiPTM8 NqcMY3SDq2nzNbsj6TBfeXZKCiVdppF/eYWb2fYW9t/C8f6KQtFe9S2v6w2O7SroOO0O EcFveLk0O+v+Z2lokiKxGLyj8L/c/Z76K22UY=
In-reply-to: <D42BF6E1-B415-4AA1-8537-6F84F9FD9C40 at lurchi.franken.de>
List-archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-help: <mailto:ipsec-request@ietf.org?subject=help>
List-id: Discussion of IPsec protocols <ipsec.ietf.org>
List-post: <mailto:ipsec@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
References: <51eafbcb0910210129x60cf00eek4ee53df746e515a8 at mail.gmail.com> <D42BF6E1-B415-4AA1-8537-6F84F9FD9C40 at lurchi.franken.de>

Hi Michael,

Thanks for your comment, I appreciate your feed back.

Sections of the requirements draft on SCTP, SHIM6 should be filled, and I will mention RFC3554 in the SCTP section.

In both drafts we consider only IKEv2, so I don't think RFC3554 is really relevant. I am not an expert on IKEv1, but it looks that features introduced by RFC3554 are not longer necessary since with IKEv2 since IKEv2 provides the ability to negotiate multiple Traffic Selector, and TS are not associated to the ID Payload anymore.

On the other hand IKEv2 or IKEv1 and RFC3554 does not enable to modify the Traffic Selectors of the Security Association. And this is one of the thing we address in the drafts.

Regards,

Daniel

On Wed, Oct 21, 2009 at 3:44 PM, Michael Tüxen <Michael.Tuexen at lurchi.franken.de> wrote:

Hi Daniel,

have you looked at
http://www.ietf.org/rfc/rfc3554.txt

Best regards
Michael

On Oct 21, 2009, at 10:29 AM, Daniel Migault wrote:

Hi folks,

We are currently working on IPsec issues and multihoming. Here are our starting work with a presentation of scenarios and requirements we address, as well as the design of an extension to MOBIKE.

Scenarios and Requirements :
http://tools.ietf.org/html/draft-mglt-ipsec-mm-requirements-00

Protocol Design :
http://tools.ietf.org/html/draft-mglt-ipsec-mm-mobikex-00

We are currently working implementing it, and looking on how other multihoming protocol can benefit from it.

Feed backs and comments are really appreciated.

Regards,

Daniel

--
Daniel Migault
Orange Labs -- Security
+33 6 70 72 69 58
_______________________________________________
multipathtcp mailing list
multipathtcp at ietf.org
https://www.ietf.org/mailman/listinfo/multipathtcp

--
Daniel Migault
Orange Labs -- Security
+33 6 70 72 69 58

References:
- [IPsec] IPsec multihoming and mobility
  - From: Daniel Migault
- Re: [IPsec] [multipathtcp] IPsec multihoming and mobility
  - From: Michael Tüxen

Prev by Date: Re: [IPsec] Fw: Preshared key authentication in IKEv2
Next by Date: [IPsec] RFC 5685 on Redirect Mechanism for the Internet Key Exchange Protocol Version 2 (IKEv2)
Previous by thread: Re: [IPsec] [multipathtcp] IPsec multihoming and mobility
Next by thread: [IPsec] I-D Action:draft-ietf-ipsecme-ikev2-resumption-09.txt
Index(es):
- Date
- Thread

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.