Daniel, I understand that you spend a lot of time in writing these specifications but, as mentioned in the past I just do not see the need for this type of standardization activity. Nobody I have spoken with asks for this functionality.
If there is indeed a need for IPsec ESP use in IoT then I am not sure that the proposed optimizations are so useful given the impact for security. Ciao Hannes On 02/17/2015 04:08 AM, Daniel Migault wrote: > Please find the new version of Diet-ESP a compress IPsec/ESP for IoT. We > have implemented and tested Diet-ESP. Compared to the standard > IPsec/ESP, Diet-ESP can reduce the networking overhead added to > unprotected data from 100% to a few percent. I will be happy to present > these draft next IETF. > > Feel free to make comments! > > The drafts includes: > 1) draft-mglt-6lo-diet-esp-requirements > <http://datatracker.ietf.org/doc/draft-mglt-6lo-diet-esp-requirements/>: > lists the requirements for Diet-ESP > 2) draft-mglt-6lo-aes-implicit-iv > <http://datatracker.ietf.org/doc/draft-mglt-6lo-aes-implicit-iv/>: > indicates how to avoid carrying the IV in each ESP packet. It is instead > generated by each peers. The protocols described in the draft can be > used with the regular IPsec/ESP. > 3) draft-mglt-6lo-diet-esp > <http://datatracker.ietf.org/doc/draft-mglt-6lo-diet-esp/> describes the > core Diet-ESP protocol, that is how to compress/decompress each fields > of the standard IPsec/ESP. Compression is discribed through a Diet-ESP > Context. > 4) draft-mglt-6lo-diet-esp-payload-compression > <http://datatracker.ietf.org/doc/draft-mglt-6lo-diet-esp-payload-compression/>: > describes how the clear text can be compressed before encryption. In > fact unless IPsec/ESP is used with NULL encryption, the data in the ESP > packet is encrypted. Encryption makes compression hard to perform. > Instead compressing before encrypting can be very efficient. This makes > possible to remove UDP/TPC/IP tunnel headers. > 5) draft-mglt-6lo-diet-esp-context-ikev2-extension > <http://datatracker.ietf.org/doc/draft-mglt-6lo-diet-esp-context-ikev2-extension/>: > describes how to negociate Diet-ESP with IKEv2. In fact this mostly > result in an agreement for the DIet-ESP Context. This exchange may then > be extended to Diet-HIP Exchange. > > BR, > Daniel > -- > Daniel Migault > Orange Labs -- Security > +33 6 70 72 69 58 > > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec