How would someone today do the equivalent of RFC8052 with G-IKEv2 ? On Mon, Feb 05, 2024 at 04:06:11AM +0000, Fries, Steffen wrote: > Hi, > > I've got a question regarding the relation of G-IKEv2 and GDOI. > > I realized that G-IKEv2 will be the successor of GDOI and would have a > question regarding backward compatibility of payloads defined for GDOI. As > the underlying exchanges for the base key management changed from IKE to > IKEv2 they will not be backward compatible. Nevertheless, there have been > enhancements of GDOI for protocols used in the power system domain like GOOSE > and Sampled Values, which lead to the definition of new payloads for the ID, > SA TEK and KD payloads to accommodate the power system protocol parameters in > RFC 8052. Likewise, using the same approach new payloads of the same types > have been defined to distribute parameters for PTP (Precision Time Protocol) > in IEC 62351-9. > > In general, I realized that there are similar payloads available in G-IKEv2 > but I was not quite sure, if it was a design criterion to have backward > compatibility for extensions/enhancements defined for GDOI to be usable also > in G-IKEv2. Could you please shed some light on this? > > Best regards > Steffen > > -- > Steffen Fries > > Siemens AG > Technology > Cybersecurity & Trust > T CST > Otto-Hahn-Ring 6 > 81739 Munich, Germany > Phone: +49 (89) 7805-22928 > mailto:[email protected] > www.siemens.com > [Logo] > Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Jim Hagemann > Snabe; Managing Board: Roland Busch, Chairman, President and Chief Executive > Officer; Cedrik Neike, Matthias Rebellius, Ralf P. Thomas, Judith Wiese; > Registered offices: Berlin and Munich, Germany; Commercial registries: > Berlin-Charlottenburg, HRB 12300, Munich, HRB 6684; WEEE-Reg.-No. DE 23691322
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
