The IESG has approved the Internet-Draft On the Use of SCTP with IPsec <draft-ietf-ipsec-sctp-06.txt> as a Proposed Standard. This document is the product of the IP Security Protocol Working Group. The IESG contact persons are Jeffrey Schiller and Steve Bellovin. Technical Summary SCTP introduces the notion that a protocol end-point might have multiple IP addresses associated with it at one time (as a multi-homed host is). By specifying a set of addresses associated with each end-point, it can provide increased reliability in the event that one of its addresses become unreachable. IPSEC on the other-hand was designed with the notion that one host is one address. Important data structures such as SPD entries tend to be tied to an address. This document recommends implementation strategies (i.e., changes that do not require a "wire protocol" change) that can make for more efficient uses of IPSEC in multi-homed SCTP environments. It also recommends a new IKE payload to facilitate negotiating a list of addresses in place of a single address (the ID_LIST ID payload). Working Group Summary The working group had consensus on this document. Protocol Quality This document has been reviewed for the IESG by Jeff Schiller.
