[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

subIP draft-tsenevir-smpls-doi-00.txt

To: "'idsummary@subip.ietf.org'" <idsummary@subip.ietf.org>
Subject: subIP draft-tsenevir-smpls-doi-00.txt
From: Tissa Senevirathne <tissa@force10networks.com>
Date: Wed, 16 May 2001 12:15:32 -0700
Delivery-date: Wed, 16 May 2001 12:15:43 -0700
Envelope-to: idsummary-data@psg.com


NAME of I-D:

http://search.ietf.org/internet-drafts/draft-tsenevir-smpls-doi-00.txt

(New contact information: tissa@force10networks.com)

SUMMARY:

This I-D defines the Secure MPLS Domain of Interpretation for ISAKMP.
Presented in the discussion are various definitions needed to fully define
the parameters required by SMPLS. The discussion closely follows the IPSec
DOI and where appropriate cross-references are made to IPSec DOI.


RELATED DOCUMENTS:

http://search.ietf.org/internet-drafts/draft-tsenevir-smpls-01.txt
http://search.ietf.org/internet-drafts/draft-schrijvp-mpls-ldp-end-to-end-au
th-03.txt
http://search.ietf.org/internet-drafts/draft-tsenevir-mpls-lauth-00.txt


WHERE DOES IT FIT IN THE PICTURE OF THE SUB-IP WORK

MPLS/CCAMP

WHY IS IT TARGETED AT THIS WG

This document specifies Domain of Interpretation (DOI) for Secure MPLS. The
secure MPLS protects MPLS data plane from data theft and label stack from
connection hijacking, Denial of Service, Label Spoofing etc. The choice of
the working groups within the Sub-IP Area depend on the interpretation of
Secure MPLS. If Secure MPLS is considered as part of the Core MPLS protocol
it may be considered at MPLS WG. On the other hand if this is considered as
Control of MPLS it may be considered at CCAMP WG.

JUSTIFICATION

Broader definition of CCAMP working group includes specifying control of
technologies such as MPLS. Providing security at each level of technology is
in essence a control process of that protocol. As an example IPsec is
considered security control plane of IP. Increasingly MPLS is used as a wide
area protocol to carry various kinds of IP and sub-IP payloads. In some
scenarios use of IPsec to secure the data plane may be either not possible
or an overkill. Existence of well-defined security plane is a prime
requirement in any protocol. MPLS lacks any serious work in the security
plane. Hence we propose to consider Secure MPLS as a Working item either in
CCAMP or MPLS WG. The Secure MPLS work item attempts to specify security
requirements of MPLS and provide solutions to address each of the
requirements.


Milestones

June 2001: Submit first version of MPLS security requirement

December 2001: Submit solutions for Security plane of MPLS
                           Submit DOI for Secure MPLS
                           Begin Discussion of MPLS security requirements

March 2002: Begin Discussion of Security Plane solutions
                     Begin discussion of Secure MPLS DOI
                     Update MPLS security requirements based on discussion

June 2002: Update Security Plane Solution based on the discussion
                  Submit Secure MPLS DOI to IESG as possible RFC
                  Submit MPLS security requirement document to IESG as
possible informational RFC

December 2002: Submission of Security Plane solution to IESG as possible RFC

Prev by Date: subIP draft-tsenevir-smpls-01.txt
Next by Date: gsmp draft-doria-gsmp-req-olsr-01
Prev by thread: gsmp draft-doria-gsmp-req-olsr-01
Next by thread: subIP draft-tsenevir-smpls-01.txt
Index(es):
- Date
- Thread