We presented the 01 version at the Alldispatch session in IETF120. The feedback was the mechanism should be discussed in the IPsecme group.
Linda -----Original Message----- From: Michael Richardson <[email protected]> Sent: Tuesday, October 29, 2024 6:01 AM To: [email protected] Subject: [IPsec] Re: Need 10 minutes slot at the IPsecme session Linda Dunbar <[email protected]> wrote: > The primary scenario for the proposed authentication method is from draft-ietf-rtgwg-multi-segment-sdwan > where an additional header (GENEVE Encapsulation [RFC8926]) is added to > the encrypted payload to steer packets through underlay networks. In > these scenarios, the underlay network edge nodes do not decrypt and > re-encrypt the payloads. The header information is used for optimizing > packet forwarding in underlay networks and, therefore, resides outside > the IPsec ESP header. So, why is this an IPsec problem/concern? -- Michael Richardson <[email protected]>, Sandelman Software Works -= IPv6 IoT consulting =- *I*LIKE*TRAINS* _______________________________________________ IPsec mailing list -- [email protected] To unsubscribe send an email to [email protected]
