[I2nsf] Fwd: New Version Notification for draft-ietf-i2nsf-sdn-ipsec-flow-protection-04.txt

Rafa Marin-Lopez <rafa@um.es> Tue, 19 March 2019 18:51 UTC

Return-Path: <rafa@um.es>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D63AA13158F; Tue, 19 Mar 2019 11:51:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZI4UpP7z4XZN; Tue, 19 Mar 2019 11:51:05 -0700 (PDT)
Received: from xenon42.um.es (xenon42.um.es [IPv6:2001:720:1710:601::42]) by ietfa.amsl.com (Postfix) with ESMTP id 62A511315A3; Tue, 19 Mar 2019 11:51:01 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by xenon42.um.es (Postfix) with ESMTP id 7735D20D7D; Tue, 19 Mar 2019 19:50:53 +0100 (CET)
X-Virus-Scanned: by antispam in UMU at xenon42.um.es
Received: from xenon42.um.es ([127.0.0.1]) by localhost (xenon42.um.es [127.0.0.1]) (amavisd-new, port 10024) with LMTP id Uf_8tKiCnlF7; Tue, 19 Mar 2019 19:50:53 +0100 (CET)
Received: from [192.168.1.36] (145.red-88-20-136.staticip.rima-tde.net [88.20.136.145]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: rafa) by xenon42.um.es (Postfix) with ESMTPSA id BAE32204EF; Tue, 19 Mar 2019 19:50:51 +0100 (CET)
From: Rafa Marin-Lopez <rafa@um.es>
Content-Type: multipart/alternative; boundary="Apple-Mail=_A95A5E8E-82FC-4773-8215-E10AD808B59A"
Message-Id: <23D10393-0AC3-4A2E-80C9-A178E19DCED8@um.es>
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
Date: Tue, 19 Mar 2019 19:50:49 +0100
References: <155233406860.23094.414648929427040457.idtracker@ietfa.amsl.com>
Cc: Rafa Marin-Lopez <rafa@um.es>, "ipsec@ietf.org WG" <ipsec@ietf.org>
To: i2nsf@ietf.org
X-Mailer: Apple Mail (2.3124)
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/qndUCJ8R_IagQAXTtT0aURy8E_c>
Subject: [I2nsf] Fwd: New Version Notification for draft-ietf-i2nsf-sdn-ipsec-flow-protection-04.txt
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Mar 2019 18:51:11 -0000

Dear all:

After receiving an extensive review from Paul Wouters, and comments from Linda and Yoav, we have prepared a new version of draft-ietf-i2nsf-sdn-ipsec-flow-protection. 

In order to accomplish the comments and improve the readability of YANG models, we have defined three parts: ietf-ipsec-common (Appendix A), ietf-ipsec-ike (Appendix B, IKE case), ietf-ipsec-ikeless (Appendix C, IKE-less case). The model ietf-ipsec-common has only typedef and groupings common to the other modules.

This is also coherent with the fact that a NSF implementing IKE case should not be worried about implementing anything about IKE-less case and viceversa. 

We would like to have a 10-15 minute slot to explain this new version. We will participate remotely.

Best Regards.

> Inicio del mensaje reenviado:
> 
> De: internet-drafts@ietf.org
> Asunto: New Version Notification for draft-ietf-i2nsf-sdn-ipsec-flow-protection-04.txt
> Fecha: 11 de marzo de 2019, 20:54:28 CET
> Para: "Fernando Pereniguez-Garcia" <fernando.pereniguez@cud.upct.es>, "Rafa Marin-Lopez" <rafa@um.es>, "Rafael Lopez" <rafa@um.es>, "Gabriel Lopez-Millan" <gabilm@um.es>
> 
> 
> A new version of I-D, draft-ietf-i2nsf-sdn-ipsec-flow-protection-04.txt
> has been successfully submitted by Rafa Marin-Lopez and posted to the
> IETF repository.
> 
> Name:		draft-ietf-i2nsf-sdn-ipsec-flow-protection
> Revision:	04
> Title:		Software-Defined Networking (SDN)-based IPsec Flow Protection
> Document date:	2019-03-11
> Group:		i2nsf
> Pages:		49
> URL:            https://www.ietf.org/internet-drafts/draft-ietf-i2nsf-sdn-ipsec-flow-protection-04.txt
> Status:         https://datatracker.ietf.org/doc/draft-ietf-i2nsf-sdn-ipsec-flow-protection/
> Htmlized:       https://tools.ietf.org/html/draft-ietf-i2nsf-sdn-ipsec-flow-protection-04
> Htmlized:       https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-sdn-ipsec-flow-protection
> Diff:           https://www.ietf.org/rfcdiff?url2=draft-ietf-i2nsf-sdn-ipsec-flow-protection-04
> 
> Abstract:
>   This document describes how providing IPsec-based flow protection by
>   means of a Software-Defined Network (SDN) controller (aka.  Security
>   Controller) and establishes the requirements to support this service.
>   It considers two main well-known scenarios in IPsec: (i) gateway-to-
>   gateway and (ii) host-to-host.  The SDN-based service described in
>   this document allows the distribution and monitoring of IPsec
>   information from a Security Controller to one or several flow-based
>   Network Security Function (NSF).  The NSFs implement IPsec to protect
>   data traffic between network resources with IPsec.
> 
>   The document focuses in the NSF Facing Interface by providing models
>   for Configuration and State data model required to allow the Security
>   Controller to configure the IPsec databases (SPD, SAD, PAD) and IKEv2
>   to establish security associations with a reduced intervention of the
>   network administrator.
> 
> 
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> The IETF Secretariat
> 

-------------------------------------------------------
Rafa Marin-Lopez, PhD
Dept. Information and Communications Engineering (DIIC)
Faculty of Computer Science-University of Murcia
30100 Murcia - Spain
Telf: +34868888501 Fax: +34868884151 e-mail: rafa@um.es
-------------------------------------------------------