A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the IP Security Maintenance and Extensions WG of
the IETF.
Title : Labeled IPsec Traffic Selector support for IKEv2
Authors : Paul Wouters
Sahana Prasad
Filename : draft-ietf-ipsecme-labeled-ipsec-00.txt
Pages : 7
Date : 2019-03-10
Abstract:
This document defines two new Traffic Selector (TS) Types for
Internet Key Exchange version 2 to add support for Mandatory Access
Control (MAC) security labels, also known as "Labeled IPsec". The
two new TS Types are TS_IPV4_ADDR_RANGE_SECLABEL and
TS_IPV6_ADDR_RANGE_SECLABEL, which are identical to their non-
seclabel namesakes except for the addition of a variable length
opaque field specifying the security label. These new Traffic
Selector Types facilitate negotiating security labels as an
additional selector of the Security Policy Database to further
restrict the type of traffic allowed to be send and received over the
IPsec SA.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-ipsecme-labeled-ipsec/
There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-ipsecme-labeled-ipsec-00
https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-labeled-ipsec-00
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
