Hi Rafa, Fernando and Gabriel, Thank you for this update and my sincere apologies for the very long time it took me to respond. It addresses my AD review feedback so I’m advancing it to IETF LC.
In particular, thank you for the refined architecture descriptions that better link this work to I2NSF. Regards, Roman From: I2nsf <[email protected]> On Behalf Of Rafa Marin-Lopez Sent: Wednesday, June 17, 2020 11:50 AM To: [email protected]; Roman Danyliw <[email protected]> Cc: Fernando Pereniguez-Garcia <[email protected]>; Gabriel Lopez-Millan <[email protected]>; Rafa Marin-Lopez <[email protected]> Subject: Re: [I2nsf] New Version Notification for draft-ietf-i2nsf-sdn-ipsec-flow-protection-08.txt Dear all, Roman: We have just submitted -08 that tries to address Roman’s comments. Roman, thank you very much again for all your comments. Hope we have been able to correctly address them. Best Regards. El 17 jun 2020, a las 17:42, [email protected]<mailto:[email protected]> escribió: A new version of I-D, draft-ietf-i2nsf-sdn-ipsec-flow-protection-08.txt has been successfully submitted by Rafa Marin-Lopez and posted to the IETF repository. Name: draft-ietf-i2nsf-sdn-ipsec-flow-protection Revision: 08 Title: Software-Defined Networking (SDN)-based IPsec Flow Protection Document date: 2020-06-17 Group: i2nsf Pages: 87 URL: https://www.ietf.org/internet-drafts/draft-ietf-i2nsf-sdn-ipsec-flow-protection-08.txt Status: https://datatracker.ietf.org/doc/draft-ietf-i2nsf-sdn-ipsec-flow-protection/ Htmlized: https://tools.ietf.org/html/draft-ietf-i2nsf-sdn-ipsec-flow-protection-08 Htmlized: https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-sdn-ipsec-flow-protection Diff: https://www.ietf.org/rfcdiff?url2=draft-ietf-i2nsf-sdn-ipsec-flow-protection-08 Abstract: This document describes how to provide IPsec-based flow protection (integrity and confidentiality) by means of an I2NSF Controller. It considers two main well-known scenarios in IPsec: (i) gateway-to- gateway and (ii) host-to-host. The service described in this document allows the configuration and monitoring of IPsec information from a I2NSF Controller to one or several flow-based Network Security Function (NSF) that implement IPsec to protect data traffic. The document focuses on the I2NSF NSF-Facing Interface by providing YANG data models for configuration and state data required to allow the I2NSF Controller to configure the IPsec databases (SPD, SAD, PAD) and IKEv2 to establish IPsec Security Associations with a reduced intervention of the network administrator. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org<http://tools.ietf.org/>. The IETF Secretariat ------------------------------------------------------- Rafa Marin-Lopez, PhD Dept. Information and Communications Engineering (DIIC) Faculty of Computer Science-University of Murcia 30100 Murcia - Spain Telf: +34868888501 Fax: +34868884151 e-mail: [email protected]<mailto:[email protected]> -------------------------------------------------------
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
