A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : IPsec sequence number integrity check value
Author(s) : Jifei Song
Tina Tsou
Vishwas Manral
Filename : draft-song-ipsecme-seq-icv-01.txt
Pages : 10
Date : 2013-07-08
Abstract:
This document specifies an IPsec AH and ESP sequence number
validation scheme, which is complementary to the existing ICV
mechanism and anti-replay mechanism of AH and ESP in defense against
DOS attack. It is an optional feature negotiable through IKE, for
this feature to be negotiated, both sender and receiver must
implement it. If any party doesn't support it, then this feature
should be excluded from negotiation. The rationale for such a scheme
is discussed first; then requirements and guidelines for design of
the scheme are laid out. There can be various ways to implement the
scheme, some reference designs are discussed to set the base for
effort of identifying best practice and eventually establishing a
standard on the subject.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-song-ipsecme-seq-icv
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-song-ipsecme-seq-icv-01
A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-song-ipsecme-seq-icv-01
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
