Hi, ESP and IKEv2 are protocols of the IPsec suite. IKEv2 is a negotiation protocol. It authenticates the peers, agrees on a secret keys, the protocol used to secure the IPsec communication (ESP/AH), the encryption algos and authentication algos... ESP defines the format of the IP packet over the IPsec protected communication.
IPsec suites secures the IP datagram. That is, in the case of ESP, it encrypts/authenticates the transport and upper layer. TLS/DTLS secures everything above the transport layer. I hope I answer the question. BR, Daniel On Tue, Feb 11, 2014 at 10:24 AM, Cao Zhen (CZ) <[email protected]> wrote: > Hi , Daniel, > > What's the relationship with existing work on ikev2, and tls? > > Thanks, > Zhen > >> -----Original Message----- >> From: Lwip [mailto:[email protected]] On Behalf Of Daniel Migault >> Sent: Friday, January 31, 2014 10:59 PM >> To: [email protected] >> Subject: [Lwip] Fwd: IPsec/Diet-ESP for IoT and Minimal ESP >> >> Hi, >> >> Please find our draft for minimal IPsec/ESP. >> >> Comment are welcome! >> >> BR, >> Daniel >> >> >> Name: draft-mglt-lwig-minimal-esp >> Revision: 00 >> Title: Minimal ESP >> Document date: 2014-01-31 >> Group: Individual Submission >> Pages: 6 >> URL:http://www.ietf.org/internet-drafts/draft-mglt-lwig-minimal-esp-00.txt >> Status:https://datatracker.ietf.org/doc/draft-mglt-lwig-minimal-esp/ >> Htmlized:http://tools.ietf.org/html/draft-mglt-lwig-minimal-esp-00 >> >> >> Abstract: >> This document describes a minimal version of the IP Encapsulation >> Security Payload (ESP) described in RFC 4303 which is part of the >> IPsec suite. >> >> ESP is used to provide confidentiality, data origin authentication, >> connectionless integrity, an anti-replay service (a form of partial >> sequence integrity), and limited traffic flow confidentiality. >> >> This document does not update or modify RFC 4303, but provides a >> compact description of the minimal version of the protocol. If this >> document and RFC 4303 conflicts then RFC 4303 is the authoritative >> description. >> >> >> -- >> Daniel Migault >> Orange Labs -- Security >> +33 6 70 72 69 58 >> _______________________________________________ >> Lwip mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/lwip > > > -- Daniel Migault Orange Labs -- Security +33 6 70 72 69 58 _______________________________________________ Lwip mailing list [email protected] https://www.ietf.org/mailman/listinfo/lwip
