RE: [Softwires] Control and data plane

["Durand, Alain" <Alain_Durand@cable.comcast.com>]

>From: softwires-bounces@ietf.org on behalf of JORDI PALET MARTINEZ
>Sent: Mon 1/16/2006 8:31 AM
>To: softwires@ietf.org
>Subject: [Softwires] Control and data plane

>

>Hi all,
>
>I'm trying to clarify myself about this:
>
>3.11.2.  Privacy, Integrity, and Replay protection
>
>   The softwire Control and/or Data plane MUST be able to provide full
>   payload security (such as IPsec or SSL) when desired.  This
>   additional protection MUST be separable from the tunneling aspect of
>   the softwire mechanism itself.  For IPsec, default profiles MUST be
>  defined. [draft-ietf-v6ops-ipsec-tunnels] provides guidelines on
>   this.
>
>I'm starting to think that if I can't understand this text being 100% sure
>about what we want to say, then is not clear enough ;-)
>
>My question is, when we say contral and/or data plane, we are referring to
>the softwire protocol itself including any handshaking etc. ?
>
>So the handshaking is the payload and then is data, or data is the tunnel.
>
>Because if data is the tunnel (which is what I think), then it is already
>covered by the 2nd sentence ...


The "control' plane is the softwire mechanism. The data plane is made of the tunneled data.
My reading of the second sentence is that there is no a-priori restriction on
the way this security is achieved. For example, one can decide to protect the control plane
and not the data plane or vice versa, and this should be doable regardless of the tunneling
control mechanism softwire will use...

Does this makes things clearer?

>Moreover, are we requiring encryption or just authentication ?

Both and neither.

    - Alain.

 


_______________________________________________
Softwires mailing list
Softwires@ietf.org
https://www1.ietf.org/mailman/listinfo/softwires