Hello, Based on the feedback received at our informal meeting in Yokohama, I’ve updated the draft for TCP Encapsulation of IKEv2 and ESP:
https://tools.ietf.org/html/draft-pauly-ipsecme-tcp-encaps-01 The revisions include: - More explanation in the introduction about the motivation, and other work that this draft is trying to standardize (3GPP recommendations, proprietary IKEv1 IPSec over TCP versions, and SSL VPNs). - Comments about maximum IKE and ESP message size within the TCP stream, which is effective the MTU of the tunnel. - Specify that if the TCP connection is brought down and re-established, the first message on the stream must be an IKE message. - Detailed considerations about interactions with middleboxes (thanks Graham Bartlett for input on this). In the meeting in Yokohama, there was general agreement that this was relevant work that we’d like to keep looking into. Please read the document, and provide any feedback you have! Thanks, Tommy _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
