Hi, we just published a new informal problem statement draft (draft-mrossberg-ipsecme-multiple-sequence-counters-00.txt) about ESP sequence number problems when using multiple CPU cores, QoS etc.
At the last working group meeting in London, it was quite some interest to work on a re-design of ESP to make it fit to the multi-cpu case, QoS classes, HW offloads, multipath, multicast, etc. This is a first approach to describe the problems we have with the current ESP protocol. Comments welcome! Steffen ----- Forwarded message from internet-dra...@ietf.org ----- Date: Mon, 27 Feb 2023 23:14:14 -0800 From: internet-dra...@ietf.org To: Michael Pfeiffer <michael.pfeif...@tu-ilmenau.de>, Michael Rossberg <michael.rossb...@tu-ilmenau.de>, Steffen Klassert <steffen.klass...@secunet.com> Subject: New Version Notification for draft-mrossberg-ipsecme-multiple-sequence-counters-00.txt A new version of I-D, draft-mrossberg-ipsecme-multiple-sequence-counters-00.txt has been successfully submitted by Steffen Klassert and posted to the IETF repository. Name: draft-mrossberg-ipsecme-multiple-sequence-counters Revision: 00 Title: Problem statements and uses cases for lightweight Child Security Associations Document date: 2023-02-27 Group: Individual Submission Pages: 15 URL: https://www.ietf.org/archive/id/draft-mrossberg-ipsecme-multiple-sequence-counters-00.txt Status: https://datatracker.ietf.org/doc/draft-mrossberg-ipsecme-multiple-sequence-counters/ Html: https://www.ietf.org/archive/id/draft-mrossberg-ipsecme-multiple-sequence-counters-00.html Htmlized: https://datatracker.ietf.org/doc/html/draft-mrossberg-ipsecme-multiple-sequence-counters Abstract: IKE SAs may have one or more child SAs that are used for traffic protection. This document collects arguments for (and against) having more fine-grained sub-child-SAs. They can be used to separate data streams for various technical reasons but share the same security properties and traffic selectors. This shall allow for a more flexible use of IPsec in multiple scenarios. The IETF Secretariat ----- End forwarded message ----- _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec