Hi, Alper Not all of them.
-Hui 2009/12/2 Alper Yegin <alper.ye...@yegin.org>: > Hi Hui, > > Are all 4 motivations below part of 3gpp discussion? > > Alper > > >> -----Original Message----- >> From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On Behalf >> Of Hui Deng >> Sent: Tuesday, December 01, 2009 3:28 PM >> To: Yoav Nir >> Cc: ipsec@ietf.org; Alper Yegin >> Subject: Re: [IPsec] Proposed work item: Childless IKE SA >> >> During the last 3GPP SA3 meeting, such requirement about HNB has also >> been approved as well. >> >> thanks >> >> -Hui >> >> 2009/12/1 Yoav Nir <y...@checkpoint.com>: >> > There were several motivations listed for childless IKE SAs. >> > - remote access, where you create an IKE SA when the user wants to >> connect, and only create child SAs in response to traffic >> > - authentication only over a physically secure network (not >> necessarily EAP, but I think this is the use case you referred to) >> > - Location awareness (as in the SecureBeacon draft) >> > - Some "weird" uses such as liveness checks without IPsec, NAT >> detection, etc. >> > >> > >> > On Dec 1, 2009, at 2:29 PM, Alper Yegin wrote: >> > >> >> One of the (or main?) motivations of this proposal is to turn IKEv2 >> into >> >> "EAP-based network access authentication protocol". RFC 5191 is >> designed >> >> for that purpose, and I'm not sure if we need to twist a protocol >> for the >> >> same purpose. >> >> >> >> >> >> >> >>> -----Original Message----- >> >>> From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On >> Behalf >> >>> Of Yaron Sheffer >> >>> Sent: Sunday, November 29, 2009 7:21 PM >> >>> To: ipsec@ietf.org >> >>> Subject: [IPsec] Proposed work item: Childless IKE SA >> >>> >> >>> This draft proposes an IKEv2 extension to allow the setup of an IKE >> SA >> >>> with no Child SA, a situation which is currently disallowed by the >> >>> protocol. >> >>> >> >>> Proposed starting point: http://tools.ietf.org/id/draft-nir- >> ipsecme- >> >>> childless-01.txt. >> >>> >> >>> Please reply to the list: >> >>> >> >>> - If this proposal is accepted as a WG work item, are you >> committing to >> >>> review multiple versions of the draft? >> >>> - Are you willing to contribute text to the draft? >> >>> - Would you like to co-author it? >> >>> >> >>> Please also reply to the list if: >> >>> >> >>> - You believe this is NOT a reasonable activity for the WG to spend >> >>> time on. >> >>> >> >>> If this is the case, please explain your position. Do not explore >> the >> >>> fine technical details (which will change anyway, once the WG gets >> hold >> >>> of the draft); instead explain why this is uninteresting for the WG >> or >> >>> for the industry at large. Also, please mark the title clearly >> (e.g. >> >>> "DES40-export in IPsec - NO!"). >> >>> _______________________________________________ >> >>> IPsec mailing list >> >>> IPsec@ietf.org >> >>> https://www.ietf.org/mailman/listinfo/ipsec >> >> >> >> _______________________________________________ >> >> IPsec mailing list >> >> IPsec@ietf.org >> >> https://www.ietf.org/mailman/listinfo/ipsec >> >> >> >> Scanned by Check Point Total Security Gateway. >> > >> > _______________________________________________ >> > IPsec mailing list >> > IPsec@ietf.org >> > https://www.ietf.org/mailman/listinfo/ipsec >> > >> _______________________________________________ >> IPsec mailing list >> IPsec@ietf.org >> https://www.ietf.org/mailman/listinfo/ipsec > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec > _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
