Hi,
If that is appropriated I would like to see the following items on the
charter:
- 1) multiple interfaces that is describing how to optimize the IPsec
settings between two hosts when at least one of the host has more than one
interface.
- 2) beet mode that defining a new mode so the overhead of IPsec
Payload can be reduced,
- 3) IPsec contexts that is documenting the parameters that are
exchanged between two Security Gateways in order to manage clusters of VPN
Security Gateways.
- 4) Extending MOBIKE to transport mode.
- 5) Finally, I think there might be some work in order to enable IPsec
for IoT, especially designing IKEv2 extensions or looking at defining a
mode or a way to send ESP payload without carrying the IV.
BR,
Daniel
On Sat, Jul 19, 2014 at 10:19 PM, Yaron Sheffer <[email protected]>
wrote:
>
>> You are revising the decision NOT to have IKE TCP:
>>
>> "There is interest in solving this issue by
>> allowing transport of IKE over TCP; this is currently
>> implemented by some vendors. The group will standardize such
>> a solution."
>>
>> If you remove the first sentence, then it only talks about UDP and how
>> we are working on standarising fragmentation support using UDP.
>>
>> Paul
>>
>
> OK, makes sense. We need to remove that sentence.
>
> Thanks,
> Yaron
>
>
> _______________________________________________
> IPsec mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/ipsec
>
--
Daniel Migault
Orange Labs -- Security
+33 6 70 72 69 58
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
