Skip to main content

Labeled IPsec Traffic Selector support for IKEv2
draft-ietf-ipsecme-labeled-ipsec-04

The information below is for an old version of the document.
Document Type Expired Internet-Draft (ipsecme WG)
Authors Paul Wouters , Sahana Prasad
Last updated 2021-05-03 (Latest revision 2020-10-30)
Stream Internet Engineering Task Force (IETF)
Formats
Expired & archived
plain text xml htmlized pdfized bibtex
Stream WG state WG Document
Associated WG milestone
Jul 2022
The security labels support for IKEv2 to IESG
Document shepherd Tero Kivinen
IESG IESG state Expired
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to Tero Kivinen <kivinen@iki.fi>
This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at:
https://www.ietf.org/archive/id/draft-ietf-ipsecme-labeled-ipsec-04.txt

Abstract

This document defines a new Traffic Selector (TS) Type for Internet Key Exchange version 2 to add support for negotiating Mandatory Access Control (MAC) security labels as a traffic selector of the Security Policy Database (SPD). Security Labels for IPsec are also known as "Labeled IPsec". The new TS type is TS_SECLABEL, which consists of a variable length opaque field specifying the security label. This document updates the IKEv2 TS negotiation specified in RFC 7296 Section 2.9.

Authors

Paul Wouters
Sahana Prasad

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)