[I2nsf] Fwd: RFC 9061 on A YANG Data Model for IPsec Flow Protection Based on Software-Defined Networking (SDN)
Rafa Marin-Lopez <rafa@um.es> Tue, 20 July 2021 05:43 UTC
Return-Path: <rafa@um.es>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 71FE63A122C for <i2nsf@ietfa.amsl.com>; Mon, 19 Jul 2021 22:43:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.087
X-Spam-Level:
X-Spam-Status: No, score=-2.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, T_SPF_HELO_TEMPERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=um.es
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v7GDEmWfnX_n for <i2nsf@ietfa.amsl.com>; Mon, 19 Jul 2021 22:43:35 -0700 (PDT)
Received: from mx02.puc.rediris.es (outbound4sev.lav.puc.rediris.es [130.206.19.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B4303A122B for <i2nsf@ietf.org>; Mon, 19 Jul 2021 22:43:34 -0700 (PDT)
Received: from xenon41.um.es (xenon41.um.es [155.54.212.167]) by mx02.puc.rediris.es with ESMTP id 16K5hUSk013645-16K5hUSl013645 for <i2nsf@ietf.org>; Tue, 20 Jul 2021 07:43:30 +0200
Received: from localhost (localhost [127.0.0.1]) by xenon41.um.es (Postfix) with ESMTP id DB5F420117; Tue, 20 Jul 2021 07:43:30 +0200 (CEST)
X-Virus-Scanned: by antispam in UMU at xenon41.um.es
Received: from xenon41.um.es ([127.0.0.1]) by localhost (xenon41.um.es [127.0.0.1]) (amavisd-new, port 10024) with LMTP id e0DulEV6our8; Tue, 20 Jul 2021 07:43:30 +0200 (CEST)
Received: from [192.168.1.37] (182.red-83-53-132.dynamicip.rima-tde.net [83.53.132.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: rafa@um.es) by xenon41.um.es (Postfix) with ESMTPSA id 8341A2003A; Tue, 20 Jul 2021 07:43:30 +0200 (CEST)
From: Rafa Marin-Lopez <rafa@um.es>
Content-Type: multipart/alternative; boundary="Apple-Mail=_0CDE223D-C528-40FB-8220-6DFD5C2D0E97"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.21\))
Date: Tue, 20 Jul 2021 07:43:29 +0200
References: <20210715061735.5BD56F406F2@rfc-editor.org>
Cc: Rafa Marin-Lopez <rafa@um.es>
To: i2nsf@ietf.org
Message-Id: <8BF3A83C-1C83-4232-9121-695E1FB13408@um.es>
X-Mailer: Apple Mail (2.3445.104.21)
X-FEAS-SPF: spf-result=pass, ip=155.54.212.167, helo=xenon41.um.es, mailFrom=rafa@um.es
Authentication-Results: mx02.puc.rediris.es; spf=pass (rediris.es: domain of rafa@um.es designates 155.54.212.167 as permitted sender) smtp.mailfrom=rafa@um.es
X-FE-Policy-ID: 2:15:0:SYSTEM
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; d=um.es; s=DKIM; c=relaxed/relaxed; h=from:content-type:mime-version:subject:date:references:cc:to:message-id; bh=oy3uwpEaK++gWeqMDN0RNFCWyQgqQSUCI4Xk5udzU6M=; b=SE04FJj8c6k23L0eqHpMgpCUdjLVIQZ9atG5utYpCCPhuNsq3AbZ1h1ZU1L1BukgtS0/E0NXQCgI slsfftLK5imaqOAstDfHQ3dc1iHfxQ0kahe5nbexEOVgB5sU/4AdLeiumgQzSj8p5F83lwXk6IP6 Gn7CdYSmt5xAsY2c2DZpgbsq3YAhyns4F1t5PB8UPYgzR5p013kIzzM13UPQt7JTvsLiwkIsbnAK mPazyIcL58kqOaLYLF2bhxRqlES0bi8OTVQT0G3MlcngIgwLse6/tGxjzBBp6qqk+nfXuOF2HoMJ hyW0JmWExVpmqOOwjRkWbzTgfokozqeaDjYYZQ==
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/BD6g_QzsmZXIUXw6pCj2RjHDUxQ>
Subject: [I2nsf] Fwd: RFC 9061 on A YANG Data Model for IPsec Flow Protection Based on Software-Defined Networking (SDN)
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Jul 2021 05:43:42 -0000
Dear I2NSF WG members: Authors would like to thank to all I2NSF WG members and reviewers of this document. Without them, it would have not been possible to achieve this goal. It was a pleasure to work with you. Best Regards. > Inicio del mensaje reenviado: > > De: rfc-editor@rfc-editor.org > Asunto: [I2nsf] RFC 9061 on A YANG Data Model for IPsec Flow Protection Based on Software-Defined Networking (SDN) > Fecha: 15 de julio de 2021, 8:17:35 CEST > Para: ietf-announce@ietf.org, rfc-dist@rfc-editor.org > Cc: i2nsf@ietf.org, drafts-update-ref@iana.org, rfc-editor@rfc-editor.org > > A new Request for Comments is now available in online RFC libraries. > > > RFC 9061 > > Title: A YANG Data Model for IPsec Flow Protection > Based on Software-Defined Networking (SDN) > Author: R. Marin-Lopez, > G. Lopez-Millan, > F. Pereniguez-Garcia > Status: Standards Track > Stream: IETF > Date: July 2021 > Mailbox: rafa@um.es, > gabilm@um.es, > fernando.pereniguez@cud.upct.es > Pages: 90 > Updates/Obsoletes/SeeAlso: None > > I-D Tag: draft-ietf-i2nsf-sdn-ipsec-flow-protection-14.txt > > URL: https://www.rfc-editor.org/info/rfc9061 > > DOI: 10.17487/RFC9061 > > This document describes how to provide IPsec-based flow protection > (integrity and confidentiality) by means of an Interface to Network > Security Function (I2NSF) Controller. It considers two main > well-known scenarios in IPsec: gateway-to-gateway and host-to-host. > The service described in this document allows the configuration and > monitoring of IPsec Security Associations (IPsec SAs) from an I2NSF > Controller to one or several flow-based Network Security Functions > (NSFs) that rely on IPsec to protect data traffic. > > This document focuses on the I2NSF NSF-Facing Interface by providing > YANG data models for configuring the IPsec databases, namely Security > Policy Database (SPD), Security Association Database (SAD), Peer > Authorization Database (PAD), and Internet Key Exchange Version 2 > (IKEv2). This allows IPsec SA establishment with minimal intervention > by the network administrator. This document defines three YANG > modules, but it does not define any new protocol. > > This document is a product of the Interface to Network Security Functions Working Group of the IETF. > > This is now a Proposed Standard. > > STANDARDS TRACK: This document specifies an Internet Standards Track > protocol for the Internet community, and requests discussion and suggestions > for improvements. Please refer to the current edition of the Official > Internet Protocol Standards (https://www.rfc-editor.org/standards) for the > standardization state and status of this protocol. Distribution of this > memo is unlimited. > > This announcement is sent to the IETF-Announce and rfc-dist lists. > To subscribe or unsubscribe, see > https://www.ietf.org/mailman/listinfo/ietf-announce > https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist > > For searching the RFC series, see https://www.rfc-editor.org/search > For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk > > Requests for special distribution should be addressed to either the > author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless > specifically noted otherwise on the RFC itself, all RFCs are for > unlimited distribution. > > > The RFC Editor Team > Association Management Solutions, LLC > > > _______________________________________________ > I2nsf mailing list > I2nsf@ietf.org > https://www.ietf.org/mailman/listinfo/i2nsf ------------------------------------------------------- Rafa Marin-Lopez, PhD Dept. Information and Communications Engineering (DIIC) Faculty of Computer Science-University of Murcia 30100 Murcia - Spain Telf: +34868888501 Fax: +34868884151 e-mail: rafa@um.es -------------------------------------------------------
- [I2nsf] RFC 9061 on A YANG Data Model for IPsec F… rfc-editor
- [I2nsf] Fwd: RFC 9061 on A YANG Data Model for IP… Rafa Marin-Lopez
- Re: [I2nsf] Fwd: RFC 9061 on A YANG Data Model fo… Mr. Jaehoon Paul Jeong
- Re: [I2nsf] Fwd: RFC 9061 on A YANG Data Model fo… Linda Dunbar