Hi Chris Thanks for the presentation yesterday.
I have been thinking about traffic with different DSCP markings. e.g if I have voice, video and web traffic (with their configured DSCP), it looks like all three flows could be sent in a single encrypted payload and the DSCP marking in the outer header is ignored. How do you look to address the challenges that this will bring with regards to traffic prioritisation ? Many thanks On 11/03/2019, 14:33, "IPsec on behalf of Christian Hopps" <ipsec-boun...@ietf.org on behalf of cho...@chopps.org> wrote: Hi ipsecme folks, Here's some new work on improving IP traffic flow security. I've requested a presentation slot from the chairs for the upcoming ipsecme WG meeting @ IETF 104, and will hopefully be able to present this work at that time as well. Thanks, Chris. internet-dra...@ietf.org writes: > A New Internet-Draft is available from the on-line Internet-Drafts directories. > > > Title : IP Traffic Flow Security > Author : Christian Hopps > Filename : draft-hopps-ipsecme-iptfs-00.txt > Pages : 22 > Date : 2019-03-11 > > Abstract: > This document describes a mechanism to enhance IPsec traffic flow > security by adding traffic flow confidentiality to encrypted IP > encapsulated traffic. Traffic flow confidentiality is provided by > obscuring the size and frequency of IP traffic using a fixed-sized, > constant-send-rate IPsec tunnel. The solution allows for congestion > control as well. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-hopps-ipsecme-iptfs/ > > There are also htmlized versions available at: > https://tools.ietf.org/html/draft-hopps-ipsecme-iptfs-00 > https://datatracker.ietf.org/doc/html/draft-hopps-ipsecme-iptfs-00 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > I-D-Announce mailing list > i-d-annou...@ietf.org > https://www.ietf.org/mailman/listinfo/i-d-announce > Internet-Draft directories: http://www.ietf.org/shadow.html > or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec