Hello, We've posted a new version of the TCP Encapsulation draft, now as a WG document (https://tools.ietf.org/html/draft-ietf-ipsecme-tcp-encaps-00).
Here are the major changes in this version, based on the last round of feedback: - Changed most references to IKEv2 to IKE to make this technique more generic - Changed the Stream Prefix from IKEv2 to IKETCP - Clarified the use of the Stream Prefix with regards to extra layers of protocols (TLS) in the appendix examples - Clarified that ESP SPI must be zero We'd like to post one more version with feedback and input from the group by our Berlin meeting. Please review! Thanks, Tommy > On Jun 27, 2016, at 7:05 AM, internet-dra...@ietf.org wrote: > > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the IP Security Maintenance and Extensions of > the IETF. > > Title : TCP Encapsulation of IKE and IPSec Packets > Authors : Tommy Pauly > Samy Touati > Ravi Mantha > Filename : draft-ietf-ipsecme-tcp-encaps-00.txt > Pages : 19 > Date : 2016-06-24 > > Abstract: > This document describes a method to transport IKE and IPSec packets > over a TCP connection for traversing network middleboxes that may > block IKE negotiation over UDP. This method, referred to as TCP > encapsulation, involves sending all packets for tunnel establishment > as well as tunneled packets over a TCP connection. This method is > intended to be used as a fallback option when IKE cannot be > negotiated over UDP. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-ipsecme-tcp-encaps/ > > There's also a htmlized version available at: > https://tools.ietf.org/html/draft-ietf-ipsecme-tcp-encaps-00 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
