The MPLS WG Archive[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index][Thread Index][Author Index][Subject Index] Secure MPLS
Tissa,
Given that the upper layers are capable of encryption using mechanisms like
IPSEC, why would a service provider want to encrypt the contents of an MPLS
LSP?
Wouldn't you want to push the encryption function higher in the protocol
stack and closer to the network edges?
Ron
> -----Original Message-----
> From: ppvpn-owner@ppvpn.francetelecom.com
> [mailto:ppvpn-owner@ppvpn.francetelecom.com]On Behalf Of Tissa
> Senevirathne
> Sent: Monday, July 29, 2002 11:03 PM
> To: pwe3@ietf.org; mpls@uu.net; ppvpn@ppvpn.francetelecom.com
> Subject: Secure MPLS
>
>
>
>
>
> At Yokhoma during PWe3 session, it was indicated that hackers are waiting
> for the day that L2 VPN get exposed in the WAN.
>
> In light of that I thought to restart the discussion on Secure MPLS.
>
> The link below is Secure MPLS ID. This ID present how MPLS
> payloads can be
> encrypted in a similar manner like IPsec when upper layers does not have
> security capabilities. Or on links between PE to PE that are exposed to
> public networks.
>
> http://search.ietf.org/internet-drafts/draft-tsenevir-smpls-02.txt
>
> For those who are lot in to Security the DOI (Domain of
> Interpretation) for
> Secure MPLS can be found in
>
> http://search.ietf.org/internet-drafts/draft-tsenevir-smpls-doi-01.txt
>
> Could you provide comments and feedback.
>
> Thanks
>
> Tissa
>
> _________________________________________________________________
> MSN Photos is the easiest way to share and print your photos:
> http://photos.msn.com/support/worldwide.aspx
>
>
|
|