The IESG has approved the following document: - 'IP-TFS: Aggregation and Fragmentation Mode for ESP and its Use for IP Traffic Flow Security' (draft-ietf-ipsecme-iptfs-19.txt) as Proposed Standard
This document is the product of the IP Security Maintenance and Extensions Working Group. The IESG contact persons are Paul Wouters and Roman Danyliw. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-ipsecme-iptfs/ Technical Summary This document describes a mechanism for aggregation and fragmentation of IP packets when they are being encapsulated in ESP payload. This new payload type can be used for various purposes such as decreasing encapsulation overhead for small IP packets; however, the focus in this document is to enhance IPsec traffic flow security (IP-TFS) by adding Traffic Flow Confidentiality (TFC) to encrypted IP encapsulated traffic. TFC is provided by obscuring the size and frequency of IP traffic using a fixed-sized, constant-send-rate IPsec tunnel. The solution allows for congestion control as well as non-constant send-rate usage. Working Group Summary Various aspects of the document were discussed and debated, with multiple revisions incorporating the results. There was no controversy though, and there is good WG consensus. Document Quality At least one implementation will be open sourced, with interest by others in implementing. There were multiple thorough reviews by experts in the WG. Personnel Document Shepherd: Tero Kivinen Responsible Area Director: Roman Danyliw _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
