Authenticated Firewall Traversal with IPsec.
|Document||Type||Expired Internet-Draft (individual)|
|Intended RFC status||(None)|
Expired & archivedplain text pdf html bibtex
|Stream||Stream state||(No stream defined)|
|RFC Editor Note||(None)|
|Send notices to||(None)|
A number of proposed protocols describe mechanisms whereby end to end authentication or privacy may be negotiated: most notable is the IPSEC working group where these issues are dealt with in a general way. Some relating working groups make use of the IPSEC (and related IPv6 facilities) facilities to provide authentication services (mobileip), while other groups (notably SNMPv2, RSVP, OSPF, BGP, AFT and CAT) provide their own facilities. This documents describes some of the common considerations for all of these protocols when there exists security gateway(s) (aka 'firewalls') between the end nodes that are negotiating security. This document does not enter into the debate about node security versus network security. It is assumed that the need for firewall like facilities will continue to exist for sometime. Whether or not IPSEC and/or IPv6 security services make firewalls obsolete or more common will remain a heated question for sometime.
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)