Dear IPsec experts, Since two weeks ago, I updated and advertised the availability of my "01" version of the draft, I have not yet received any new technical comment.
Hence, I would like to take the opportunity to invite you to examine my draft to see if you have any specific concern or question towards this draft. Your valuable comments are truly appreciated. Thanks in advance. Tricci >>>>> Abstract of draft-so-ipsecme-ikev2-cpext-01.txt >>>>> Abstract IPSec IKEv2, RFC 5996 [RFC5996], has been adopted by many standardized network solutions to provide the secure transport between network elements over third party’s infrastructure. For example, the emerging Fixed Mobile Convergence (FMC) network solution that involves Femtocell deployment requires the mobile operator’s Femtocell AP to leverage the IPSec IKEv2 to support mutual authentication and remote IP address configuration as well as other auto configuration support over the broadband fixed network (BBF) of which the mobile and fixed networks may be operated by two different operators. Most of today broadband fixed networks are still relying on the IPv4 private addressing plan to support its attached devices including the mobile operator’s Femtocell AP. Hence, the private IPv4 addressing and Network Address and Port Translation (NA(P)T) support mostly likely stays for many years to come. In FMC interworking scenario, there is a need for the mobile network to pass on it mobile subscribers’ policies to the broadband fixed network (BBF) to maintain the service level agreement (SLA) and to support remote network management. In addition, a broadband fixed network (BBF) may partnership with more than one mobile operator. Therefore it is important for the BBF and the mobile network to be able to overcome the limitation of the private IPv4 addressing and to be able to identify the user’s subscription as well as to determine the location of the Femtocell AP that serves its mobile user over the BBF network. This document presents the problems for the IPSec tunneling support with private IPv4 addressing for FMC interworking and proposes a simple extension to the IKEv2 to resolve the issues. -------------------------------------------------------- ZTE Information Security Notice: The information contained in this mail is solely property of the sender's organization. This mail communication is confidential. Recipients named above are obligated to maintain secrecy and are not permitted to disclose the contents of this communication to others. This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the originator of the message. Any views expressed in this message are those of the individual sender. This message has been scanned for viruses and Spam by ZTE Anti-Spam system.
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
