Labeled IPsec Traffic Selector support for IKEv2
draft-ietf-ipsecme-labeled-ipsec-02

The information below is for an old version of the document
Document Type Expired Internet-Draft (ipsecme WG)
Authors Paul Wouters  , Sahana Prasad 
Last updated 2020-05-07 (latest revision 2019-11-04)
Stream Internet Engineering Task Force (IETF)
Formats
Expired & archived
pdf htmlized bibtex
Additional Resources
- Mailing list discussion
Stream WG state WG Document (wg milestone: Aug 2020 - The security labels ... )
Document shepherd Tero Kivinen
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to Tero Kivinen <kivinen@iki.fi>

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-ietf-ipsecme-labeled-ipsec-02.txt

Abstract

This document defines a new Traffic Selector (TS) Type for Internet Key Exchange version 2 to add support for negotiating Mandatory Access Control (MAC) security labels as a traffic selector of the Security Policy Database (SPD). Security Labels for IPsec are also known as "Labeled IPsec". The new TS type is TS_SECLABEL, which consists of a variable length opaque field specifying the security label. This document updates the IKEv2 TS negotiation specified in RFC 7296 Section 2.9.

Authors

Paul Wouters (pwouters@redhat.com)
Sahana Prasad (sahana@redhat.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)