Multiple Path IP Security
draft-zhang-ipsecme-multi-path-ipsec-02

 
Document
Type Expired Internet-Draft (individual)
Last updated 2013-04-25 (latest revision 2012-10-22)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html
Stream
Stream state (No stream defined)
Document shepherd No shepherd assigned
IESG
IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

Email authors IPR References Referenced by Nits Search lists

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-zhang-ipsecme-multi-path-ipsec-02.txt

Abstract

This document presents one approach to enhance data protection when transmitting IPsec datagrams across the insecure networks. The method affords the stronger protection to the traffic by splitting it among a set of sub-tunnels. All the Security Associations (SAs) are set up independently for all sub-tunnels. Both the sending and receiving entity combine all the sub-tunnels to one clustered tunnel. As different sub-tunnel uses different crypto key materials and processing parameters, it may achieve the stronger protection of the traffic across the insecure networks. In addition, it could possibly bring more benefits in terms of the network control.

Authors

Xiangyang Zhang (vzhang2008@yahoo.com)
Tina Tsou (tina.tsou.zouting@huawei.com)
Will (liushucheng@huawei.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)