Protocol Action: On the Use of SCTP with IPsec to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




The IESG has approved the Internet-Draft On the Use of SCTP with IPsec
<draft-ietf-ipsec-sctp-06.txt> as a Proposed Standard.  This document
is the product of the IP Security Protocol Working Group.  The IESG
contact persons are Jeffrey Schiller and Steve Bellovin.


Technical Summary

SCTP introduces the notion that a protocol end-point might have
multiple IP addresses associated with it at one time (as a multi-homed
host is). By specifying a set of addresses associated with each
end-point, it can provide increased reliability in the event that one
of its addresses become unreachable.

IPSEC on the other-hand was designed with the notion that one host is
one address. Important data structures such as SPD entries tend to be
tied to an address.

This document recommends implementation strategies (i.e., changes that
do not require a "wire protocol" change) that can make for more
efficient uses of IPSEC in multi-homed SCTP environments. It also
recommends a new IKE payload to facilitate negotiating a list of
addresses in place of a single address (the ID_LIST ID payload).

Working Group Summary

The working group had consensus on this document.

Protocol Quality

This document has been reviewed for the IESG by Jeff Schiller.


[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux