<?xml version="1.0" encoding="UTF-8"?>
<reference anchor="I-D.kulangara-zero-sse-dst" target="https://datatracker.ietf.org/doc/html/draft-kulangara-zero-sse-dst-00">
   <front>
      <title>Persistent Systems Email: prasad_k1@persistent.com</title>
      <author initials="P." surname="Kulangara" fullname="Prasad Kulangara">
         </author>
      <date month="January" day="20" year="2026" />
      <abstract>
	 <t>   This document specifies a universal, tunnel-less mechanism for Secure
   Service Edge (SSE) steering based on a new SSE Identification Header
   (SSE-ID). The architecture enables endpoints, OS network stacks, and
   enterprise SD-WAN edge devices to signal the intent for traffic to be
   routed to an SSE provider without using GRE or IPsec tunnels.

   This document also defines an SD-WAN extension called the Direct
   Switchover Token (DST). DST provides a vendor-agnostic mechanism
   enabling SD-WAN spokes to establish direct, encrypted, spoke-to-spoke
   paths for traffic that does not require SSE inspection. DST is issued
   by a central controller after initial packets reach a hub or the
   controller and after evaluating policy and SSE requirements.

   Additionally, this document introduces (a) a Participating ISP
   routing model using an SSE-Only Public Pool (SOPP) and an SSE POP ID
   (SPID) to locate and route to SSE edges on SSE-enabled circuits, and
   (b) a Merger &amp; Acquisition (M&amp;A) access mode that allows two
   enterprises to access resources via the SSE cloud using Enterprise
   IDs; in this mode, traffic is spliced inside the SSE fabric by EID,
   with address-domain isolation to avoid IP conflicts.

   Together, SSE-ID and DST—augmented with SOPP/SPID and M&amp;A mode—
   provide a unified, interoperable, and tunnel-less architecture for
   SSE integration, SD-WAN optimization, inter-domain routing, and
   enterprise-to-enterprise access.

	 </t>
      </abstract>
   </front>
   <seriesInfo name="Internet-Draft" value="draft-kulangara-zero-sse-dst-00" />
   
</reference>
