Hi Hui, I think it'd also be very useful if you indicate which ones are.
Thanks. Alper > -----Original Message----- > From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On Behalf > Of Hui Deng > Sent: Thursday, December 03, 2009 4:47 PM > To: Alper Yegin > Cc: ipsec@ietf.org; Yoav Nir > Subject: Re: [IPsec] Proposed work item: Childless IKE SA > > Hi, Alper > > Not all of them. > > -Hui > > 2009/12/2 Alper Yegin <alper.ye...@yegin.org>: > > Hi Hui, > > > > Are all 4 motivations below part of 3gpp discussion? > > > > Alper > > > > > >> -----Original Message----- > >> From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On > Behalf > >> Of Hui Deng > >> Sent: Tuesday, December 01, 2009 3:28 PM > >> To: Yoav Nir > >> Cc: ipsec@ietf.org; Alper Yegin > >> Subject: Re: [IPsec] Proposed work item: Childless IKE SA > >> > >> During the last 3GPP SA3 meeting, such requirement about HNB has > also > >> been approved as well. > >> > >> thanks > >> > >> -Hui > >> > >> 2009/12/1 Yoav Nir <y...@checkpoint.com>: > >> > There were several motivations listed for childless IKE SAs. > >> > - remote access, where you create an IKE SA when the user wants > to > >> connect, and only create child SAs in response to traffic > >> > - authentication only over a physically secure network (not > >> necessarily EAP, but I think this is the use case you referred to) > >> > - Location awareness (as in the SecureBeacon draft) > >> > - Some "weird" uses such as liveness checks without IPsec, NAT > >> detection, etc. > >> > > >> > > >> > On Dec 1, 2009, at 2:29 PM, Alper Yegin wrote: > >> > > >> >> One of the (or main?) motivations of this proposal is to turn > IKEv2 > >> into > >> >> "EAP-based network access authentication protocol". RFC 5191 is > >> designed > >> >> for that purpose, and I'm not sure if we need to twist a protocol > >> for the > >> >> same purpose. > >> >> > >> >> > >> >> > >> >>> -----Original Message----- > >> >>> From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On > >> Behalf > >> >>> Of Yaron Sheffer > >> >>> Sent: Sunday, November 29, 2009 7:21 PM > >> >>> To: ipsec@ietf.org > >> >>> Subject: [IPsec] Proposed work item: Childless IKE SA > >> >>> > >> >>> This draft proposes an IKEv2 extension to allow the setup of an > IKE > >> SA > >> >>> with no Child SA, a situation which is currently disallowed by > the > >> >>> protocol. > >> >>> > >> >>> Proposed starting point: http://tools.ietf.org/id/draft-nir- > >> ipsecme- > >> >>> childless-01.txt. > >> >>> > >> >>> Please reply to the list: > >> >>> > >> >>> - If this proposal is accepted as a WG work item, are you > >> committing to > >> >>> review multiple versions of the draft? > >> >>> - Are you willing to contribute text to the draft? > >> >>> - Would you like to co-author it? > >> >>> > >> >>> Please also reply to the list if: > >> >>> > >> >>> - You believe this is NOT a reasonable activity for the WG to > spend > >> >>> time on. > >> >>> > >> >>> If this is the case, please explain your position. Do not > explore > >> the > >> >>> fine technical details (which will change anyway, once the WG > gets > >> hold > >> >>> of the draft); instead explain why this is uninteresting for the > WG > >> or > >> >>> for the industry at large. Also, please mark the title clearly > >> (e.g. > >> >>> "DES40-export in IPsec - NO!"). > >> >>> _______________________________________________ > >> >>> IPsec mailing list > >> >>> IPsec@ietf.org > >> >>> https://www.ietf.org/mailman/listinfo/ipsec > >> >> > >> >> _______________________________________________ > >> >> IPsec mailing list > >> >> IPsec@ietf.org > >> >> https://www.ietf.org/mailman/listinfo/ipsec > >> >> > >> >> Scanned by Check Point Total Security Gateway. > >> > > >> > _______________________________________________ > >> > IPsec mailing list > >> > IPsec@ietf.org > >> > https://www.ietf.org/mailman/listinfo/ipsec > >> > > >> _______________________________________________ > >> IPsec mailing list > >> IPsec@ietf.org > >> https://www.ietf.org/mailman/listinfo/ipsec > > > > _______________________________________________ > > IPsec mailing list > > IPsec@ietf.org > > https://www.ietf.org/mailman/listinfo/ipsec > > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
