Compression of IPsec AH and ESP Headers for Constrained Environments
draft-raza-6lo-ipsec-01

The information below is for an old version of the document
Document Type Active Internet-Draft (individual)
Last updated 2015-06-22
Stream (None)
Intended RFC status (None)
Formats pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state I-D Exists
Telechat date
Responsible AD (None)
Send notices to (None)
6Lo Working Group                                                S. Raza
Internet-Draft                                              S. Duquennoy
Intended Status: Standard Track                          SICS, Stockholm
                                                             G. Selander
                                                     Ericsson, Stockholm
Expires: December 24, 2015                                 June 22, 2015

  Compression of IPsec AH and ESP Headers for Constrained Environments
                        draft-raza-6lo-ipsec-01 

Abstract

   This document describes the header compression mechanisms for IPsec
   [RFC4301] based on the encoding scheme standardized in [RFC6282]. The
   IPsec Authentication Header (AH) and Encapsulated Security Payload
   (ESP) headers are compressed using Next Header Compression (NHC)
   defined in [RFC6282]. This document does not invalidate any encoding
   schemes proposed in 6LoWPAN [RFC6282] but rather complements it with
   compressed IPsec AH and ESP headers using the free bits in the IPv6
   Extension Header encoding.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on December 24, 2015.

Copyright and License Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
 

Raza                   Expires December 24, 2015                [Page 1]
INTERNET DRAFT             IPsec-for-6LoWPAN               June 22, 2015

   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . .  3
     1.1  Terminology . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.  Linking IPsec Headers Compression with 6LoWPAN . . . . . . . .  3
   3. LOWPAN_NHC for Authentication Header  . . . . . . . . . . . . .  4
   4. LOWPAN_NHC for Encapsulated Security Payload (ESP)  . . . . . .  6
   5. Implementation Considerations . . . . . . . . . . . . . . . . .  8
   6. Security Considerations . . . . . . . . . . . . . . . . . . . .  8
   7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . .  8
   9. References  . . . . . . . . . . . . . . . . . . . . . . . . . .  8
     9.1. Normative References  . . . . . . . . . . . . . . . . . . .  8
     9.2. Informative References  . . . . . . . . . . . . . . . . . .  9
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 10

 

Raza                   Expires December 24, 2015                [Page 2]
INTERNET DRAFT             IPsec-for-6LoWPAN               June 22, 2015

1  Introduction

   [RFC6282] defines how IPv6 datagrams can be routed over IEEE 802.15.4
   [IEEE802.15.4]-based networks. [RFC6282] defines header compression
   schemes that can significantly reduce the size of IP, IP extension,
   and UDP headers. This enables the routing of heavy-weight IP traffic
   to resource-constrained [IEEE802.15.4]-based wireless networks. The
   security in [IEEE802.15.4]-based IP networks or what is more commonly
   known as 6LoWPAN networks is particularly important when we connect
   vulnerable wireless networks with the insecure Internet. The
   standardized and SHOULD be supported security solution for IPv6 is IP
   security (IPsec) [RFC4301][RFC6434]. This means that every IPv6 host
   on the Internet SHOULD be able to process IP packets secured with
   IPsec. IPsec, in transport mode, can provide end-to-end (E2E) secure
   communication between two hosts in the Internet. Thus, it is
   beneficial to extend 6LoWPAN so that IPsec communication between an
   IPv6 device (e.g. a sensor node) in 6LoWPAN networks and a IPv6 host
   on the Internet becomes possible. This document does not cover the
Show full document text