Hi Joy, Couldn't the security context information be expressed in the IKEv2 version as a new Traffic Selector type?
It seems that the IKEv2 negotiation exchanges a parameter set that describes the upper-layer data to pass over the ESP or AH SA. This is what the Traffic Selectors in IKEv2 do. Greg Daley ---------------------------------------- > From: lat...@austin.ibm.com > To: ipsec@ietf.org > Date: Fri, 10 Jul 2009 16:26:06 -0500 > CC: se...@us.ibm.com; gcwil...@us.ibm.com; tjae...@cse.psu.edu > Subject: [IPsec] New version of labeled ipsec drafts > > Hi, > > New versions of labeled ipsec drafts are available for review. > Please send any comments to lat...@austin.ibm.com. > > Thanks! > > regards, > Joy Latten > > A new version of I-D, draft-jml-ipsec-ikev2-security-context-01.txt has > been successfuly submitted by Joy Latten and posted to the IETF > repository. > > Filename: draft-jml-ipsec-ikev2-security-context > Revision: 01 > Title: Security Context Addendum to IPsec > Creation_date: 2009-07-10 > WG ID: Independent Submission > Number_of_pages: 10 > > Abstract: > This document describes the high-level requirements needed within > IPsec to support Mandatory Access Control (MAC) on network > communications. It describes the extensions to the Security > Architecture for the Internet Protocol [RFC4301] and the Internet > Key Exchange Protocol Version 2 [RFC4306]. It also describes the > negotiation of the security context for a particular Authentication > Header (AH) [RFC4302] and/or Encapsulating Security Payload (ESP) > [RFC4303] security association. > > > > The IETF Secretariat. > > > A new version of I-D, draft-jml-ipsec-ikev1-security-context-01.txt has > been successfuly submitted by Joy Latten and posted to the IETF > repository. > > Filename: draft-jml-ipsec-ikev1-security-context > Revision: 01 > Title: draft-jml-ipsec-ikev1-security-context-01 > Creation_date: 2009-07-10 > WG ID: Independent Submission > Number_of_pages: 7 > > Abstract: > This document describes the need for and use of a security context > within IPsec. It describes the extension to the Internet IP Security > Domain of Interpretation (IPsec DOI) [RFC2407] for the Internet > Security Association and Key Management Protocol (ISAKMP) [RFC2408]. > This extension supports the negotiation of the security context for a > particular IP Authentication Header (AH) [RFC4302] or IP > Encapsulating Security Payload (ESP) [RFC4303] security association. > > > > The IETF Secretariat. > > > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec _________________________________________________________________ POP access for Hotmail is here! Click here to find out more http://windowslive.ninemsn.com.au/article.aspx?id=802246 _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
