Browse Prior Art Database

RSIP Support for End-to-end IPsec (RFC3104)

IP.com Disclosure Number: IPCOM000005855D
Original Publication Date: 2001-Oct-01
Included in the Prior Art Database: 2019-Feb-13
Document File: 19 page(s) / 25K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

G. Montenegro: AUTHOR [+1]

Related Documents

10.17487/RFC3104: DOI

Abstract

This document proposes mechanisms that enable Realm Specific IP (RSIP) to handle end-to-end IPsec (IP Security). This memo defines an Experimental Protocol for the Internet community.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 9% of the total text.

Network Working Group G. Montenegro Request for Comments: 3104 Sun Microsystems, Inc. Category: Experimental M. Borella CommWorks October 2001

RSIP Support for End-to-end IPsec

Status of this Memo

This memo defines an Experimental Protocol for the Internet community. It does not specify an Internet standard of any kind. Discussion and suggestions for improvement are requested. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2001). All Rights Reserved.

IESG Note

The IESG notes that the set of documents describing the RSIP technology imply significant host and gateway changes for a complete implementation. In addition, the floating of port numbers can cause problems for some applications, preventing an RSIP-enabled host from interoperating transparently with existing applications in some cases (e.g., IPsec). Finally, there may be significant operational complexities associated with using RSIP. Some of these and other complications are outlined in section 6 of the RFC 3102, as well as in the Appendices of RFC 3104. Accordingly, the costs and benefits of using RSIP should be carefully weighed against other means of relieving address shortage.

Abstract

This document proposes mechanisms that enable Realm Specific IP (RSIP) to handle end-to-end IPsec (IP Security).

Montenegro & Borella Experimental [Page 1]

RFC 3104 RSIP Support for End-to-end IPsec October 2001

Table of Contents

1. Introduction .................................................. 2 2. Model ......................................................... 2 3. Implementation Notes .......................................... 3 4. IKE Handling and Demultiplexing ............................... 4 5. IPsec Handling and Demultiplexing ............................. 5 6. RSIP Protocol Extensions ...................................... 6 6.1 IKE Support in RSIP ....................................... 6 6.2 IPsec Support in RSIP ..................................... 7 7. IANA Considerations ........................................... 10 8. Security Considerations ....................................... 10 9. Acknowledgements .............................................. 10 References ....................................................... 11 Authors’ Addresses ............................................... 12 Appendix A: On Optional Port Allocation to RSIP Clients .......... 13 Appendix B: RSIP Error Numbers for IKE and IPsec Support ......... 14 Appendix C: Message Type Values for IPsec Support ................ 14 Appendix D: A Note on Flow Policy Enforcement .................... 14 Appendix E: Remote Host Rekeying ................................. 14 Appendix F: Example Application Scenarios ........................ 15 Appendix G: Thoughts on Supporting Incoming Connections .......... 17 Full Copyright Statement ......................................... 19

1. Introduction

This document specifies RSIP extensions to enable end-to-end IPsec. It assumes the...

Processing...
Loading...