Hi Joel,
This describes how LISP is used today in combination with IPsec
(typically GDOI is used to simplify key distribution).
I think Dino's work is more forward looking, with two main goals: (1)
combine encryption with the LISP dataplane, for a more efficient
encoding on the wire, (2) take advantage of the LISP mapping system (and
possibly of some of the mechanisms in LISP-SEC) for key
derivation/distribution
Fabio
On 2/12/14, 8:54 AM, Joel M. Halpern wrote:
This draft seems to expect that IPSec tunnels will be set up by means
outside of LISP. That seems to contravene the premise of LISp that it
can operate without needing permanent / pre-established tunnel state.
Should this be tied to the work Dino described at the last IETF
meeting on using LISP to establish encryption for the LISP tunnel?
Yours,
Joel
On 2/12/14, 6:22 AM, Santiago Freitas (safreita) wrote:
Hi LISP Working Group,
Today we have submitted a draft that covers using LISP for Secure Hybrid
Cloud Extension.
The draft can be found at
http://www.ietf.org/id/draft-freitas-bellagamba-lisp-hybrid-cloud-usecase-00.txt
We would like to request your comments on it.
Also, we would like request a small slot on the upcoming IETF 89 meeting
to present an overview of the use case covered on the draft.
We look forward to your comments and for your feedback if we can have a
small slot to present an overview of this draft on IETF 89.
Sincerely,
Patrice and Santiago
_______________________________________________
lisp mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/lisp
