Re: [IPsec] I-D Action: draft-antony-ipsecme-beet-mode-00.txt

Mon, 06 Nov 2023 02:46:55 -0800 

I should point out that BEET mode is defined in

rfc 7402

This is the basis for the BEET code in the Linux kernel.

It should incorporate everything in Pekka's older drafts.
Note that I am a co-author of 7402, but the Ericsson team did all the heavy lifting.
As defined in 7402 it is used in a few products.  Some implementations, I have been told, are in US military use. 

Bob

On 10/27/23 06:17, Antony Antony wrote:

Hi,

We've submitted a draft proposal to revive and standardize IPsec BEET mode,
which is widely used but had its previous ID expire in 2009. This proposal
also includes a suggestion for introducing IKE Notification for negotiation
purposes.

We'd appreciate your feedback on this ID. If you're aware of any more use
cases for BEET mode, please share them. I would like to add a few more to
the ID. The original ID emphasized mobility as use case, and we're
considering whether to keep those aspects in the new proposal. If you use or
likely to use BEET mode with mobility please share your thoughts.

I'll be discussing these points at the upcoming IETF 118 meeting in Prague.

-antony


On Mon, Oct 23, 2023 at 09:08:05AM -0700, internet-dra...@ietf.org wrote:

Internet-Draft draft-antony-ipsecme-beet-mode-00.txt is now available.

    Title:   A Bound End-to-End Tunnel (BEET) mode for ESP
    Authors: Antony Antony
             Steffen Klassert
    Name:    draft-antony-ipsecme-beet-mode-00.txt
    Pages:   21
    Dates:   2023-10-23

Abstract:

    This document specifies a new mode for IPsec ESP, known as Bound End-
    to-End Tunnel (BEET) mode.  This mode complements the existing ESP
    tunnel and transport modes, while enhancing end-to-end IPsec usage.
    It offers the characteristics of the tunnel mode but without its
    usual overhead.  The BEET mode is designed to accommodate evolving
    applications of ESP, such as minimalist end-to-end tunnel, mobility
    and multi-address multi-homing.  Additionally, this document proposes
    a new Notify Message, USE_BEET_MODE, for the Internet Key Exchange
    Protocol Version 2 (IKEv2) specified in [RFC7296], to facilitate BEET
    mode Security Association negotiation.

The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-antony-ipsecme-beet-mode/

There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-antony-ipsecme-beet-mode-00.html

Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts



_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec


_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec

Reply via email to