Inurl draft guidelines for mandating the use of ipsec


20-Oct-2019 10:10

All RFCs are required to have a Security Considerations section.

Historically, such sections have been relatively weak.

It is likely that another impediment to authors who are experts in other areas (NOT security experts) writing the security considerations section of their document is that they might not fully understand how security protocols could or might be used (for example, whether IPsec and associated key management protocols can operate using *only* packet exchange between directly attached systems, or if there needs to be packets exchanged with other not-directly-attached systems. I see this document clearly making the case that "just use IPsec" is not sufficient.

inurl draft guidelines for mandating the use of ipsec-8

Punjabi sex dating site

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups.Note that other groups may also distribute working documents as Internet ..." This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026.Note that other groups may also distribute working documents as Internet-Drafts.It is likely that another impediment to authors who are experts in other areas (NOT security experts) writing the security considerations section of their document is that they might not fully understand how security protocols could or might be used (for example, whether IPsec and associated key management protocols can operate using *only* packet exchange between directly attached systems, or if there needs to be packets exchanged with other not-directly-attached systems). I see this document clearly making the case that "just use IPsec" is not sufficient.

However, I don't see it as being sufficient in the more important point of helping authors understand what they need to write instead.[Ballot discuss]The introductions says: This document offers some guidance on when IPsec should and should not be specified.

There are additional requirements for what needs to bespecified for IKEV2 not covered in your spec.