[GSMP] Changes to draft-ietf-gsmp-encaps-04
ad <avri@acm.org> Thu, 13 December 2001 17:46 UTC
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA25250 for <gsmp-archive@odin.ietf.org>; Thu, 13 Dec 2001 12:46:43 -0500 (EST)
Received: from optimus.ietf.org (localhost [127.0.0.1]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id MAA08879; Thu, 13 Dec 2001 12:45:31 -0500 (EST)
Received: from ietf.org (odin [132.151.1.176]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id MAA08847 for <gsmp@optimus.ietf.org>; Thu, 13 Dec 2001 12:45:29 -0500 (EST)
Received: from apocalypse.org (IDENT:root@apocalypse.org [192.48.232.17]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA25198 for <gsmp@ietf.org>; Thu, 13 Dec 2001 12:45:26 -0500 (EST)
Received: from localhost (avri@localhost) by apocalypse.org (8.11.2/8.11.0) with ESMTP id fBDHhWP23770 for <gsmp@ietf.org>; Thu, 13 Dec 2001 12:43:32 -0500
X-Authentication-Warning: apocalypse.org: avri owned process doing -bs
Date: Thu, 13 Dec 2001 12:43:32 -0500
From: ad <avri@acm.org>
X-X-Sender: <avri@apocalypse.org>
To: gsmp@ietf.org
Message-ID: <Pine.LNX.4.33.0112131235520.20288-100000@apocalypse.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Subject: [GSMP] Changes to draft-ietf-gsmp-encaps-04
Reply-To: gsmp@ietf.org
Sender: gsmp-admin@ietf.org
Errors-To: gsmp-admin@ietf.org
X-Mailman-Version: 1.0
Precedence: bulk
List-Id: General Switch Management Protocol <gsmp.ietf.org>
X-BeenThere: gsmp@ietf.org
Based on discussions with Scott, our AD, and on discussions during the meeting in Salt Lake, the following changes are being made to the draft. In order to speed up the process (yes, we are still trying to get these documents to RFC status), it was suggested that the new wording be sent to the list for review while the drafts were being updated. If there are no objections to these changes the drafts will be sent back to the IESG for review. These changes are being made in the hopes of satisfying the security area's objections to the current text. Please send any issue to the list before the end of 2001. Thanks a. ----- 4.2 TCP/IP Security consideration When GSMPv3 is implemented for use in IP networks, provisions for security between the controller and client MUST be available and MUST be provided by IP Security [IPSEC]. In this case,the IPSEC Encapsulation Security Payload (ESP) MUST be used to provide both integrity and confidentiality 5. The security of GSMP's TCP/IP control channel has been addressed in Section 4.2. For all uses of GSMP over an IP network it is REQUIRED that GSMP be run over TCP/IP using the security considerations discussed in Section 4.2. Security using ATM and Ethernet encapsulations MAY be provided at the link layer. Discussion of these methods is beyond the scope of this specification. For secure operation over any media, the IP encapsulation with IPsec SHOULD be used. _______________________________________________ GSMP mailing list GSMP@ietf.org http://www.ietf.org/mailman/listinfo/gsmp