Gabriel and Rafa, I remember in IETF102 I2NSF session, you agreed to add some description on how/where your Option 2 can be used ( i.e. Using Controller to assist the IPsec key computation and pass the SA attributes together with its IPsec session key to the pair-wise Nodes via a secure management channel), such as
- for some special secure environment (e.g. in one physically isolated data center) or - some resource constrained IoT deployment that can tolerance some risks. It is important to document the risks associated with the option, so that users can make the informed decision. Thanks, Linda Dunbar
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
