We presented the 01 version at the Alldispatch session in IETF120. The feedback
was the mechanism should be discussed in the IPsecme group.
Linda
-----Original Message-----
From: Michael Richardson <mcr+i...@sandelman.ca>
Sent: Tuesday, October 29, 2024 6:01 AM
To: ipsec@ietf.org
Subject: [IPsec] Re: Need 10 minutes slot at the IPsecme session
Linda Dunbar <linda.dun...@futurewei.com> wrote:
> The primary scenario for the proposed authentication method is from
draft-ietf-rtgwg-multi-segment-sdwan
> where an additional header (GENEVE Encapsulation [RFC8926]) is added to
> the encrypted payload to steer packets through underlay networks. In
> these scenarios, the underlay network edge nodes do not decrypt and
> re-encrypt the payloads. The header information is used for optimizing
> packet forwarding in underlay networks and, therefore, resides outside
> the IPsec ESP header.
So, why is this an IPsec problem/concern?
--
Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works
-= IPv6 IoT consulting =- *I*LIKE*TRAINS*
_______________________________________________
IPsec mailing list -- ipsec@ietf.org
To unsubscribe send an email to ipsec-le...@ietf.org
