[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GSE
In your previous mail you wrote:
> I guess that the long answer to your question can be found at:
>
> draft-ietf-ipngwg-esd-analysis-*.txt
That draft was never published as an RFC mostly because the IESG, IAB,
and several IETF Security Directorate members believed that it was not
factually correct. The biggest issue is that it does not describe
the actual GSE/8+8 proposal accurately -- so the criticisms are of
something not quite the same as GSE/8+8. This is NOT to imply that
the IESG, IAB, or other folks thought that GSE/8+8 was without
problems -- merely that the above draft was not on-target in its claims.
So folks should add a lot of salt when reading that draft.
=> but this draft (draft-ietf-ipngwg-esd-analysis-05.txt) remains
the best introduction to two-space systems... I remember the interim
meeting where GSE/8+8 was not adopted: the main problem was failover.
Please lets move forward on multi6, rather than revisiting painful old
IPng WG history here.
=> two-space systems are still raisonable long term solutions, especially
HIP (Host Identity Payload Protocol) which doesn't share the security
concern on the binding between the locator and the identity.
(PS: and its overhead is not a problem for guys like me who'd like
to hide everything behind ESP :-).
Thanks
Francis.Dupont@enst-bretagne.fr
- Follow-Ups:
- Re: GSE
- From: Iljitsch van Beijnum <iljitsch@muada.com>
- References:
- Re: GSE
- From: RJ Atkinson <rja@extremenetworks.com>