Re: [IPsec] I-D Action:draft-ietf-ipsecme-traffic-visibility-07.txt

Jack Kohn <kohn.jack@gmail.com> Fri, 21 August 2009 22:23 UTC

Return-Path: <kohn.jack@gmail.com>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C8D153A6359 for <ipsec@core3.amsl.com>; Fri, 21 Aug 2009 15:23:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lHc0F03-mBPw for <ipsec@core3.amsl.com>; Fri, 21 Aug 2009 15:23:06 -0700 (PDT)
Received: from mail-gx0-f217.google.com (mail-gx0-f217.google.com [209.85.217.217]) by core3.amsl.com (Postfix) with ESMTP id AC7AE3A6977 for <ipsec@ietf.org>; Fri, 21 Aug 2009 15:23:06 -0700 (PDT)
Received: by gxk17 with SMTP id 17so1451738gxk.19 for <ipsec@ietf.org>; Fri, 21 Aug 2009 15:23:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=WoylgyaO/vrVICp5LI9xtETmUME5yH5X3m8Pnwf7bew=; b=CG/d3Z25DcLZ2Fi5mW4UQU0YAR3o6WH8s3o5rM+lUik2pPZvzVvk2KY3WxORc0OOe4 hxJkYJjyio3jFwPVCVRX3yZMmhIa6HQoy4/+u4ADhi6A7RLiffunv86leCqwu4OU+eh7 Yfhs/PJn506ivqnaMJvLgsSrXtU7xTQiU558U=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=dWQ9KUlw8fjcxi4hAZ74u5nM37Iw5xPIRR9TSh3wvArFwS3lB1PMbGFcgjjPAts46w 0y5D7xi0Xlj8bH2wa7G/4HX9FYAqMppoU2MRJ5mYUAVQCs2MgUb9RnrjhA0Y7QRMs5Ky CApXI4P6PhUvPCZaRyrzoLtIzf76W/4X6Nrxg=
MIME-Version: 1.0
Received: by 10.90.10.1 with SMTP id 1mr1313734agj.62.1250893058337; Fri, 21 Aug 2009 15:17:38 -0700 (PDT)
In-Reply-To: <20090810234501.D0BF03A6E8C@core3.amsl.com>
References: <20090810234501.D0BF03A6E8C@core3.amsl.com>
Date: Sat, 22 Aug 2009 03:47:38 +0530
Message-ID: <dc8fd0140908211517y3850c4a0w1edc78513c183aaa@mail.gmail.com>
From: Jack Kohn <kohn.jack@gmail.com>
To: ipsec@ietf.org
Content-Type: multipart/alternative; boundary="00163628351664eb640471ae3c2e"
Cc: paul.hoffman@vpnc.org, "Bhatia, Manav (Manav)" <manav@alcatel-lucent.com>, "Grewal, Ken" <ken.grewal@intel.com>, g_e_montenegro@yahoo.com
Subject: Re: [IPsec] I-D Action:draft-ietf-ipsecme-traffic-visibility-07.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Aug 2009 22:23:07 -0000

I believe this draft had cleared the WG LC long time back. What else are the
chairs/authors waiting for?

Jack

On Tue, Aug 11, 2009 at 5:15 AM, <Internet-Drafts@ietf.org> wrote:

> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the IP Security Maintenance and Extensions
> Working Group of the IETF.
>
>
>        Title           : Wrapped ESP for Traffic Visibility
>        Author(s)       : K. Grewal, et al.
>        Filename        : draft-ietf-ipsecme-traffic-visibility-07.txt
>        Pages           : 14
>        Date            : 2009-08-10
>
> This document describes the Wrapped Encapsulating Security
> Payload (WESP) protocol, which builds on top of Encapsulating
> Security Payload (ESP) [RFC4303] and is designed to allow
> intermediate devices to ascertain if ESP-NULL [RFC2410] is being
> employed and hence inspect the IPsec packets for network
> monitoring and access control functions.  Currently in the IPsec
> standard, there is no way to differentiate between ESP
> encryption and ESP NULL encryption by simply examining a packet.
> This poses certain challenges to the intermediate devices that
> need to deep inspect the packet before making a decision on what
> should be done with that packet (Inspect and/or Allow/Drop). The
> mechanism described in this document can be used to easily
> disambiguate ESP-NULL from ESP encrypted packets, without
> compromising on the security provided by ESP.
>
> A URL for this Internet-Draft is:
>
> http://www.ietf.org/internet-drafts/draft-ietf-ipsecme-traffic-visibility-07.txt
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> Below is the data which will enable a MIME compliant mail reader
> implementation to automatically retrieve the ASCII version of the
> Internet-Draft.
>
>
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
>
>