--------------------

[Comment from secretary: draft-dupont-ikev2-addrmgmt-04.txt 
mentions the "proxy case" for transport mode.  Neither 
TEMP-draft-kivinen-mobike-design-00.txt nor
TEMP-draft-kivinen-mobike-protocol-00.txt mentions 
transport mode.]

--------------------

IETF59 MOBIKE WG minutes:

Francis Dupont's presentation:

Proxy mode:
- When traffic selector (TS) doesn't match the peer address, follow the TS
- Security issue: proper authz is needed
- Proposal: accept it when the TS is in the address set
- Transport mode SAs are not concerned when peer address changes?
- This "proxy mode" is a required feature for Mobile IPv6 support 
  (to do transport mode SA for home address when peer address is CoA)

--------------------

Joe Touch / Francis Dupont (2004-08-06):

IMO, it would be more useful to support transport mode than tunnel
mode.  (reasons in draft-touch-ipsec-vpn)

Francis: I understand your reasons but transport mode of tunnels is a
bit special and should be handled by specifics mechanisms...  Can we
talk about this later and/or off-line?

Note that I plan to write a short document which explains both why
transport mode is out of scope and how transport mode can take
advantage of mobike (peer address list to be accurate).

--------------------

Issue closed after discussion on mailing list (2004-08-12):
"First document will consider only tunnel mode."

--------------------