> Hi Joel, > This describes how LISP is used today in combination with IPsec (typically > GDOI is used to simplify key distribution).
So this is an existing best practice use-case document Fabio? > I think Dino's work is more forward looking, with two main goals: (1) combine > encryption with the LISP dataplane, for a more efficient encoding on the > wire, (2) take advantage of the LISP mapping system (and possibly of some of > the mechanisms in LISP-SEC) for key derivation/distribution The goal of my work is to provide data-plane confidentiality and it was suggested by the SAAG that we don't need to use a third party PKI, be it traditional or using the mapping database. So I have a design that takes their recommendations. Dino > > Fabio > > > On 2/12/14, 8:54 AM, Joel M. Halpern wrote: >> This draft seems to expect that IPSec tunnels will be set up by means >> outside of LISP. That seems to contravene the premise of LISp that it can >> operate without needing permanent / pre-established tunnel state. >> >> Should this be tied to the work Dino described at the last IETF meeting on >> using LISP to establish encryption for the LISP tunnel? >> >> Yours, >> Joel >> >> On 2/12/14, 6:22 AM, Santiago Freitas (safreita) wrote: >>> Hi LISP Working Group, >>> >>> Today we have submitted a draft that covers using LISP for Secure Hybrid >>> Cloud Extension. >>> >>> The draft can be found at >>> http://www.ietf.org/id/draft-freitas-bellagamba-lisp-hybrid-cloud-usecase-00.txt >>> >>> >>> We would like to request your comments on it. >>> >>> Also, we would like request a small slot on the upcoming IETF 89 meeting >>> to present an overview of the use case covered on the draft. >>> >>> We look forward to your comments and for your feedback if we can have a >>> small slot to present an overview of this draft on IETF 89. >>> >>> Sincerely, >>> >>> Patrice and Santiago >>> > > _______________________________________________ > lisp mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/lisp _______________________________________________ lisp mailing list [email protected] https://www.ietf.org/mailman/listinfo/lisp
