Hello all, I’ve just posted a new version of the IKEv2 and IPSec TCP Encapsulation draft. The changes include:
- Making the use case (as a last resort if UDP is blocked) more clear in the introduction - Clarify connection establishment and teardown section (allowing a resumed connection to start with either IKE or ESP traffic, allowing multiple SAs on one TCP connection) - Adding more details about interactions with IKEv2 fragmentation, and TCP MSS and QoS markings - Clarifying the keep-alive/DPD section - A new appendix written by a new author from Cisco giving four example exchanges with TCP encapsulation of IKEv2. https://tools.ietf.org/id/draft-pauly-ipsecme-tcp-encaps-03.txt <https://tools.ietf.org/id/draft-pauly-ipsecme-tcp-encaps-03.txt> https://tools.ietf.org/html/draft-pauly-ipsecme-tcp-encaps-03 <https://tools.ietf.org/html/draft-pauly-ipsecme-tcp-encaps-03> I believe this should address many of the comments the last draft received. Please take a look and provide your feedback! If the working group is in favor, I’d like to see if this can be adopted by the working group. Thanks, Tommy
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
