Hi, this version addresses the latest comment from Tero and also fixes text mentioning NAT_DETECTION_*_IP notifications (previously in some places only NAT_DETECTION_SOURCE_IP was mentioned).
Regards, Valery. > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the IP Security Maintenance and Extensions WG of > the IETF. > > Title : TCP Encapsulation of IKE and IPsec Packets > Authors : Valery Smyslov > Tommy Pauly > Filename : draft-ietf-ipsecme-rfc8229bis-05.txt > Pages : 31 > Date : 2022-03-23 > > Abstract: > This document describes a method to transport Internet Key Exchange > Protocol (IKE) and IPsec packets over a TCP connection for traversing > network middleboxes that may block IKE negotiation over UDP. This > method, referred to as "TCP encapsulation", involves sending both IKE > packets for Security Association establishment and Encapsulating > Security Payload (ESP) packets over a TCP connection. This method is > intended to be used as a fallback option when IKE cannot be > negotiated over UDP. > > TCP encapsulation for IKE and IPsec was defined in RFC 8229. This > document updates the specification for TCP encapsulation by including > additional clarifications obtained during implementation and > deployment of this method. This documents obsoletes RFC 8229. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-ipsecme-rfc8229bis/ > > There is also an htmlized version available at: > https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-rfc8229bis-05 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-ipsecme-rfc8229bis-05 > > > Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts > > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
