summaryrefslogtreecommitdiff
path: root/papers/draft-gsenger-secure-anycast-tunneling-protocol-02.txt
diff options
context:
space:
mode:
Diffstat (limited to 'papers/draft-gsenger-secure-anycast-tunneling-protocol-02.txt')
-rw-r--r--papers/draft-gsenger-secure-anycast-tunneling-protocol-02.txt130
1 files changed, 65 insertions, 65 deletions
diff --git a/papers/draft-gsenger-secure-anycast-tunneling-protocol-02.txt b/papers/draft-gsenger-secure-anycast-tunneling-protocol-02.txt
index e0169de..b0fb6bf 100644
--- a/papers/draft-gsenger-secure-anycast-tunneling-protocol-02.txt
+++ b/papers/draft-gsenger-secure-anycast-tunneling-protocol-02.txt
@@ -2,8 +2,8 @@
Network Working Group O. Gsenger
-Internet-Draft May 6, 2008
-Expires: November 7, 2008
+Internet-Draft May 2008
+Expires: November 2, 2008
secure anycast tunneling protocol (SATP)
@@ -32,11 +32,10 @@ Status of this Memo
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
- This Internet-Draft will expire on November 7, 2008.
+ This Internet-Draft will expire on November 2, 2008.
+
-Copyright Notice
- Copyright (C) The IETF Trust (2008).
@@ -52,7 +51,8 @@ Copyright Notice
-Gsenger Expires November 7, 2008 [Page 1]
+
+Gsenger Expires November 2, 2008 [Page 1]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
@@ -64,10 +64,10 @@ Abstract
tunnel endpoints. It allows tunneling of every ETHER TYPE protocol
(ethernet, ip ...). SATP directly includes cryptography and message
authentication based on the methods used by the Secure Real-time
- Transport Protocol(SRTP) [1]. It can be used as an encrypted
- alternative to IP Encapsulation within IP [3] and Generic Routing
- Encapsulation (GRE) [4]. Both anycast receivers and senders are
- supported.
+ Transport Protocol(SRTP) [RFC3711]. It can be used as an encrypted
+ alternative to IP Encapsulation within IP [RFC2003] and Generic
+ Routing Encapsulation (GRE) [RFC2784]. Both anycast receivers and
+ senders are supported.
Table of Contents
@@ -108,28 +108,28 @@ Table of Contents
-Gsenger Expires November 7, 2008 [Page 2]
+Gsenger Expires November 2, 2008 [Page 2]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
1. Introduction
- SATP is a mixture of a generic encapsulation protocol like GRE [4]
- and a secure tunneling protocol as IPsec [5] in tunnel mode. It can
- be used to build redundant virtual private network (VPN) connections.
- It supports peer-to-peer tunnels, where tunnel endpoints can be any
- combination of unicast, multicast or anycast hosts, so it defines a
- Host Anycast Service [6]. Encryption is done per packet, so the
- protocol is robust against packet loss and routing changes. To
- reduce header overhead ncryption techniques of SRTP [1] are being
- used.
+ SATP is a mixture of a generic encapsulation protocol like GRE
+ [RFC2784] and a secure tunneling protocol as IPsec [RFC2401] in
+ tunnel mode. It can be used to build redundant virtual private
+ network (VPN) connections. It supports peer-to-peer tunnels, where
+ tunnel endpoints can be any combination of unicast, multicast or
+ anycast hosts, so it defines a Host Anycast Service [RFC1546].
+ Encryption is done per packet, so the protocol is robust against
+ packet loss and routing changes. To reduce header overhead,
+ encryption techniques of SRTP [RFC3711] are being used.
1.1. Notational Conventions
The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in RFC2119 [2].
+ document are to be interpreted as described in RFC2119 [RFC2119].
@@ -164,7 +164,7 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
-Gsenger Expires November 7, 2008 [Page 3]
+Gsenger Expires November 2, 2008 [Page 3]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
@@ -220,7 +220,7 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
-Gsenger Expires November 7, 2008 [Page 4]
+Gsenger Expires November 2, 2008 [Page 4]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
@@ -276,7 +276,7 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
-Gsenger Expires November 7, 2008 [Page 5]
+Gsenger Expires November 2, 2008 [Page 5]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
@@ -332,7 +332,7 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
-Gsenger Expires November 7, 2008 [Page 6]
+Gsenger Expires November 2, 2008 [Page 6]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
@@ -388,7 +388,7 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
-Gsenger Expires November 7, 2008 [Page 7]
+Gsenger Expires November 2, 2008 [Page 7]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
@@ -411,8 +411,8 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
3.2. ICMP messages
- ICMP messages MUST be relayed according to rfc2003 section 4 [3].
- This is needed for path MTU detection.
+ ICMP messages MUST be relayed according to rfc2003 section 4
+ [RFC2003]. This is needed for path MTU detection.
@@ -444,7 +444,7 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
-Gsenger Expires November 7, 2008 [Page 8]
+Gsenger Expires November 2, 2008 [Page 8]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
@@ -500,7 +500,7 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
-Gsenger Expires November 7, 2008 [Page 9]
+Gsenger Expires November 2, 2008 [Page 9]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
@@ -508,7 +508,7 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
4.5. payload type
The payload type field defines the payload protocol. ETHER TYPE
- protocol numbers are used. See IANA assigned ethernet numbers [7] .
+ protocol numbers are used. See IANA assigned ethernet numbers [1] .
The values 0000-05DC are reserverd and MUST NOT be used.
Some examples for protocol numbers
@@ -546,7 +546,7 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
4.9. MKI (OPTIONAL)
The MKI (Master Key Identifier) is OPTIONAL and of configurable
- length. See SRTP Section 3.1 [1] for details.
+ length. See SRTP Section 3.1 [RFC3711] for details.
4.10. authentication tag (RECOMMENDED)
@@ -556,7 +556,7 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
-Gsenger Expires November 7, 2008 [Page 10]
+Gsenger Expires November 2, 2008 [Page 10]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
@@ -567,9 +567,9 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
4.11. Encryption
- Encryption is done in the same way as for SRTP [1]. This section
- will only discuss some small changes that HAVE TO be made. Please
- read SRTP RFC3711 section 3-9 [1] for details.
+ Encryption is done in the same way as for SRTP [RFC3711]. This
+ section will only discuss some small changes that HAVE TO be made.
+ Please read SRTP RFC3711 section 3-9 [RFC3711] for details.
The least significant bits of SSRC are replaced by the sender ID and
the most significant bits are replaced by the MUX. For the SRTP SEQ
@@ -612,16 +612,17 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
-Gsenger Expires November 7, 2008 [Page 11]
+Gsenger Expires November 2, 2008 [Page 11]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
5. Security Considerations
- As SATP uses the same encryption techniques as SRTP [1], it shares
- the same security issues. This section will only discuss some small
- changes. Please read SRTP RFC3711 section 9 [1] for details.
+ As SATP uses the same encryption techniques as SRTP [RFC3711], it
+ shares the same security issues. This section will only discuss some
+ small changes. Please read SRTP RFC3711 section 9 [RFC3711] for
+ details.
5.1. Replay protection
@@ -667,8 +668,7 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
-
-Gsenger Expires November 7, 2008 [Page 12]
+Gsenger Expires November 2, 2008 [Page 12]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
@@ -724,7 +724,7 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
-Gsenger Expires November 7, 2008 [Page 13]
+Gsenger Expires November 2, 2008 [Page 13]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
@@ -733,26 +733,27 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
7.1. Normative References
- [1] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K.
- Norrman, "The Secure Real-time Transport Protocol (SRTP)",
- RFC 3711, March 2004.
+ [RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K.
+ Norrman, "The Secure Real-time Transport Protocol (SRTP)",
+ RFC 3711, March 2004.
- [2] Bradner, S., "Key words for use in RFCs to Indicate Requirement
- Levels", BCP 14, RFC 2119, March 1997.
+ [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
+ Requirement Levels", BCP 14, RFC 2119, March 1997.
- [3] Perkins, C., "IP Encapsulation within IP", RFC 2003,
- October 1996.
+ [RFC2003] Perkins, C., "IP Encapsulation within IP", RFC 2003,
+ October 1996.
7.2. Informational References
- [4] Farinacci, D., Li, T., Hanks, S., Meyer, D., and P. Traina,
- "Generic Routing Encapsulation (GRE)", RFC 2784, March 2000.
+ [RFC2784] Farinacci, D., Li, T., Hanks, S., Meyer, D., and P.
+ Traina, "Generic Routing Encapsulation (GRE)", RFC 2784,
+ March 2000.
- [5] Kent, S. and R. Atkinson, "Security Architecture for the
- Internet Protocol", RFC 2401, November 1998.
+ [RFC2401] Kent, S. and R. Atkinson, "Security Architecture for the
+ Internet Protocol", RFC 2401, November 1998.
- [6] Partridge, C., Mendez, T., and W. Milliken, "Host Anycasting
- Service", RFC 1546, November 1993.
+ [RFC1546] Partridge, C., Mendez, T., and W. Milliken, "Host
+ Anycasting Service", RFC 1546, November 1993.
@@ -779,15 +780,14 @@ Internet-Draft secure anycast tunneling protocol (SATP) May 2008
-
-Gsenger Expires November 7, 2008 [Page 14]
+Gsenger Expires November 2, 2008 [Page 14]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
URIs
- [7] <http://www.iana.org/assignments/ethernet-numbers>
+ [1] <http://www.iana.org/assignments/ethernet-numbers>
@@ -836,7 +836,7 @@ URIs
-Gsenger Expires November 7, 2008 [Page 15]
+Gsenger Expires November 2, 2008 [Page 15]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
@@ -892,7 +892,7 @@ Author's Address
-Gsenger Expires November 7, 2008 [Page 16]
+Gsenger Expires November 2, 2008 [Page 16]
Internet-Draft secure anycast tunneling protocol (SATP) May 2008
@@ -939,14 +939,14 @@ Intellectual Property
ietf-ipr@ietf.org.
-Acknowledgment
- Funding for the RFC Editor function is provided by the IETF
- Administrative Support Activity (IASA).
-Gsenger Expires November 7, 2008 [Page 17]
+
+
+
+Gsenger Expires November 2, 2008 [Page 17]