A solution to this problem would be very helpful to draft-xu-risav, so I'm definitely supportive of more work on this.
--Ben Schwartz On Tue, Feb 28, 2023 at 3:14 AM Steffen Klassert < [email protected]> wrote: > Hi, > > we just published a new informal problem statement draft > (draft-mrossberg-ipsecme-multiple-sequence-counters-00.txt) > about ESP sequence number problems when using multiple CPU > cores, QoS etc. > > At the last working group meeting in London, it was quite > some interest to work on a re-design of ESP to make it fit > to the multi-cpu case, QoS classes, HW offloads, multipath, > multicast, etc. > > This is a first approach to describe the problems we have > with the current ESP protocol. > > Comments welcome! > > Steffen > > ----- Forwarded message from [email protected] ----- > > Date: Mon, 27 Feb 2023 23:14:14 -0800 > From: [email protected] > To: Michael Pfeiffer <[email protected]>, Michael Rossberg < > [email protected]>, Steffen Klassert > <[email protected]> > Subject: New Version Notification for > draft-mrossberg-ipsecme-multiple-sequence-counters-00.txt > > > A new version of I-D, > draft-mrossberg-ipsecme-multiple-sequence-counters-00.txt > has been successfully submitted by Steffen Klassert and posted to the > IETF repository. > > Name: draft-mrossberg-ipsecme-multiple-sequence-counters > Revision: 00 > Title: Problem statements and uses cases for lightweight Child > Security Associations > Document date: 2023-02-27 > Group: Individual Submission > Pages: 15 > URL: > https://www.ietf.org/archive/id/draft-mrossberg-ipsecme-multiple-sequence-counters-00.txt > Status: > https://datatracker.ietf.org/doc/draft-mrossberg-ipsecme-multiple-sequence-counters/ > Html: > https://www.ietf.org/archive/id/draft-mrossberg-ipsecme-multiple-sequence-counters-00.html > Htmlized: > https://datatracker.ietf.org/doc/html/draft-mrossberg-ipsecme-multiple-sequence-counters > > > Abstract: > IKE SAs may have one or more child SAs that are used for traffic > protection. This document collects arguments for (and against) > having more fine-grained sub-child-SAs. They can be used to separate > data streams for various technical reasons but share the same > security properties and traffic selectors. This shall allow for a > more flexible use of IPsec in multiple scenarios. > > > > > The IETF Secretariat > > > ----- End forwarded message ----- > > _______________________________________________ > IPsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ipsec >
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
