Sahana and I wrote the initial draft for Labeled IPsec. I'm not sure
why it didn't auto-email the list, so links follow below. Please
discuss :)
Paul
A new version of I-D, draft-sprasad-ipsecme-labeled-ipsec-00.txt
has been successfully submitted by Sahana Prasad and posted to the
IETF repository.
Name: draft-sprasad-ipsecme-labeled-ipsec
Revision: 00
Title: Labeled IPsec Traffic Selector support for IKEv2
Document date: 2018-03-04
Group: Individual Submission
Pages: 6
URL:
https://www.ietf.org/internet-drafts/draft-sprasad-ipsecme-labeled-ipsec-00.txt
Status:
https://datatracker.ietf.org/doc/draft-sprasad-ipsecme-labeled-ipsec/
Htmlized:
https://tools.ietf.org/html/draft-sprasad-ipsecme-labeled-ipsec-00
Htmlized:
https://datatracker.ietf.org/doc/html/draft-sprasad-ipsecme-labeled-ipsec-00
Abstract:
Some IPsec implementations support Security Labels otherwise known as
Security Contexts, to be configured as a selector within the Security
Policy Database (SPD) for IPsec SAs. This document adds support to
IKEv2 to negotiate these Security Labels or Contexts using a new
Traffic Selector (TS) Type TS_SECLABEL. The approach is named
"Labeled IPsec". It assumes that the SPD processing of RFC 4303 is
already extended to support Security Labels. This document only adds
the ability for IKE to negotiate the Security Labels used with the
SPD.
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
The IETF Secretariat
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec