Hi, at the last working group meeting in London, it was quite some interest to work on a re-design of ESP to make it fit to the multi-cpu case, QoS classes, HW offloads etc.
We already have some proposals that try to solve related problems in different ways: IETF 108: https://datatracker.ietf.org/meeting/108/materials/slides-108-ipsecme-proposed-improvements-to-esp-01 IETF 115: https://www.ietf.org/archive/id/draft-ponchon-ipsecme-anti-replay-subspaces-00.txt The Google PSP Security Protocol (PSP) is another new 'ESP like' protocol. There is some interest to standardize PSP, so the issues that are solved there should also be considered when designing a new ESP version. Most concepts that are used in PSP are taken from IPsec ESP, so IMO this should be integrated into the IPsec protocol suite. Is there interest in doing a virtual interim to discuss an ESP re-design? First things to clarify would be: - Does the working group agree to the need of an ESP re-design? - Who is interested to work on that? - What are the problems to solve? - How should the problems be solved? Please let me know if there is interest, Steffen _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
