Hi,
Yoav and I just published this draft. The two main points are:
- IPsec opportunistic encryption is also interesting between security
gateways, not only between hosts.
- With a bit of extra plumbing, opportunistic encryption can be
"upgraded" post facto into full authentication.
Comments are welcome on this list, but note that this is not proposed as
a working group document.
Thanks,
Yaron
-------- Original Message --------
Subject: New Version Notification for draft-sheffer-autovpn-00.txt
Date: Mon, 03 Feb 2014 19:30:45 -0800
From: [email protected]
To: Yoav Nir <[email protected]>, Yaron Sheffer
<[email protected]>, "Yaron Sheffer" <[email protected]>, "Yoav
Nir" <[email protected]>
A new version of I-D, draft-sheffer-autovpn-00.txt
has been successfully submitted by Yaron Sheffer and posted to the
IETF repository.
Name: draft-sheffer-autovpn
Revision: 00
Title: The AutoVPN Architecture
Document date: 2014-02-04
Group: Individual Submission
Pages: 17
URL:
http://www.ietf.org/internet-drafts/draft-sheffer-autovpn-00.txt
Status: https://datatracker.ietf.org/doc/draft-sheffer-autovpn/
Htmlized: http://tools.ietf.org/html/draft-sheffer-autovpn-00
Abstract:
This document describes the AutoVPN architecture. AutoVPN allows
IPsec security associations to be set up with no prior configuration,
using the "leap of faith" paradigm. The document defines a
lightweight protocol for negotiating such opportunistic encryption
either directly between hosts or between two security gateways on the
path.
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
The IETF Secretariat
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
