IKEv2 (son-of-ike) draft

[Radia Perlman - Boston Center for Networking <Radia.Perlman@sun.com>]

And to answer some of the recent email on the list...this
protocol does maintain the phase 1/phase 2 notion, but sets up
both phase 1 and phase 2 in a single 2-round-trip exchange.
After the initial exchange, additional SAs can be set up,
or the SA can be rekeyed, with a single round trip. And it
does identity hiding of both ends.

Most of the work was in rewriting the three documents into
a single self-contained document, and cleaning up the "networking"
type issues and overly complex encodings such as
the SA payload.

Radia
------------- Begin Forwarded Message -------------

To: ipsec@lists.tislabs.com
From: dharkins@tibernian.com
Subject: IKEv2 (son-of-ike) draft
MIME-Version: 1.0
Content-ID: <2377.1006067452.1@SailPix.com>

   This draft was submitted but hasn't shown up yet in the repository
(the I-D editor is, no doubt, swamped) so in the interest of giving
people more time to look at it prior to Salt Lake here's a link:

             http://www.lounge.org/draft-ietf-ipsec-ikev2-00.txt

Please send comments to the list.

   Dan.



------------- End Forwarded Message -------------