ipsec September 2009 archive
Main Archive Page > Month Archives  > ipsec archives
ipsec: Re: [IPsec] draft-wong-ipsecme-ikev2-integrity-data-00.tx

Re: [IPsec] draft-wong-ipsecme-ikev2-integrity-data-00.txt

From: Stephen Kent <kent_at_nospam>
Date: Fri Sep 11 2009 - 19:22:49 GMT
To: mwong@huawei.com

At 11:46 AM -0400 9/11/09, Marcus Wong wrote:
>Hi Everyone,
>I'm new to the working group. I've uploaded a draft on the use of notify
>payload for integrity data exchanges in IKEv2 for your comments and review.
>All comments are highly appreciated. Thanks everyone.
>A new version of I-D, draft-wong-ipsecme-ikev2-integrity-data-00.txt has
>been successfuly submitted by Marcus Wong and posted to the IETF repository.
>Filename: draft-wong-ipsecme-ikev2-integrity-data
>Revision: 00
>Title: Integrity Data Exchanges in IKEv2
>Creation_date: 2009-09-11
>WG ID: Independent Submission
>Number_of_pages: 9
>IKEv2 supports mutual authentication of the peers but does not support
>platform integrity validation of the peers nor does it support the exchange
>of data related to the platform integrity validation. This extension allows
>platform integrity validation data to be exchanged from one peer (initiator)
>to another (respondent), allowing the other peer to either use the data for
>statistical analysis, pass it along to a validation entity for validation or
>pass it along to a Fraud Information Gathering System for fraud detection or

I have mot read you I-D, but this sounds like a NEA issue being pushed into an IPsec protocol. Am I wrong?


IPsec mailing list