The draft talks about the EHC Context to be exchanged via IKE, but I do
not see this in the draft?
Negotiating the whole Context may be quite a bit and needs to be thought
out in a secure sense?
But just negotiating a SCHC RuleID may be simplier. this could be the
sole tie-in with SCHC as the actual SCHC RuleID never goes over the
wire. The SPIs imply the RuleID.
There could be some additional pieces like if the RuleID is for
UDP-Transport, the UDP ports for the SPI pair could be sent so one
RuleID could serve multiple UDP apps.
But I kind of assume that as there is a code implementation, there is a
good understanding of what is needed, but I don't see it in the draft.
Pointers are appreciated.
Bob
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec