| Main Archive Page > Month Archives > ipsec archives |
[IPsec] Protocol Action: 'Redirect Mechanism for IKEv2' to Proposed Standard
From: The IESG <iesg-secretary_at_nospam>Date: Thu Sep 17 2009 - 16:23:20 GMT
To: IETF-Announce <ietf-announce@ietf.org>
The IESG has approved the following document:
- 'Redirect Mechanism for IKEv2 ' <draft-ietf-ipsecme-ikev2-redirect-13.txt> as a Proposed Standard
This document is the product of the IP Security Maintenance and Extensions Working Group.
The IESG contact persons are Tim Polk and Pasi Eronen.
A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ipsecme-ikev2-redirect-13.txt
Technical Summary
This document defines a redirect mechanism for IKEv2. The main use case is scalability of large deployments of remote access VPN gateways. The proposed mechanism can also be used in Mobile IPv6, where signaling is protected by IKE/IPsec, to support the home agent in redirecting the mobile node to another home agent.
Working Group Summary
The document represents the consensus opinion of the ipsecme WG.
Document Quality
We are not aware of any implementations, and no vendors have announced implementation plans.
Personnel
Yaron Sheffer is the Document Shepherd for this document. Tim Polk is the Responsible Area Director. The IANA Expert for the Gateway Identity Type registry (created by this document) is Tero Kivinen.
RFC Editor Note
Please append the following text as a new paragraph at the end of Section 3:
This document allows the client to be redirected in several protocol states. In some of them the gateway is already authenticated at the point of redirect, and in others it is not. We emphasize that the above rules regarding the identity of the new gateway and the PAD and SPD entries apply equally to all these scenarios.
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec