An update:  I have one small typo to correct (see my reply to Murray) and a
list of milestones.

I suggest:
Add support for preshared keys to initial IKEv2 SA:
 draft-ietf-ipsecme-ikev2-qr-alt
Add support for reducing size and complexity of IKEv2 exchanges:
 draft-ietf-ipsecme-ikev2-sa-ts-payloads-opt-03
ESP compression Profile:  draft-ietf-ipsecme-diet-esp and
draft-ietf-ipsecme-diet-esp-extensions
Tools for debugging IPsec configurations:

I'm happy to take comments.  These milestones don't have to be perfect,
they just have to exist.  I can include or remove the actual draft titles,
if that seems better.

I'd like to submit this for external review by Monday.

Deb

On Thu, Jan 9, 2025 at 8:27 AM Deb Cooley <debcool...@gmail.com> wrote:

> Updated, see here for the changes:
>
>
> https://author-tools.ietf.org/iddiff?url1=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fcharter-ietf-ipsecme%2Fwithmilestones-13-00.txt&url2=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fcharter-ietf-ipsecme%2Fwithmilestones-13-01.txt&difftype=--html
>
> It is on the telechat for 23 Jan for the informal round of review.
>
> Deb
>
> On Wed, Jan 8, 2025 at 6:11 PM Tero Kivinen <kivi...@iki.fi> wrote:
>
>> Paul Wouters writes:
>> >       This work item may also include solutions for transport issues
>> >       because of larger payload and message sizes.
>> >
>> > I believe this work is already complete with the INTERMEDIATE exchange,
>> > so I think this sentence can be removed?
>>
>> No. This also includes things using TCP for IKEv2 for reliability and
>> large messages, and then switching to ESP for actual IPsec. And also a
>> case where we end up having payloads that are over 64k where IKEv2
>> basic payload code would need changes (not sure if we end up having
>> payloads that are larger than 64k, some things may also be done using
>> other methods than large payloads).
>>
>> >       for example sha3,
>> >
>> > Maybe leave that out, as there is a trend now to not specify SHA3 for
>> > use with classic algorithms?
>>
>> There was a request to add that, and I do not see any reason to remove
>> it. If we do not want to specify it later then we simply do not have a
>> draft for that.
>>
>> > The charter doesn't mention the g-IKEv2 work and any of the other 4
>> > adopted documents in progress. Is that covered under a "maintenance"
>> > part of the charter? I didn't really see that part mentioned, eg
>> > "work on IKEv2 minor extensions". (although g-IKEv2 is not "minor" I
>> > think)
>>
>> G-ikev2 and rename-esn have already been submitted to the IESG, thus are
>> already out from the WG charter.
>>
>> Diet-esp and Diet-esp-extension should be going out soon after I have
>> time to read them, they were in the last charter and we are finishing
>> them using old charter.
>>
>> QR-alt should be also going out to the IESG after shepherd writeup.
>>
>> sa-ts-payloads-opt can be covered by maintenance parts (it was in
>> previous charter).
>>
>> >
>> > > We will need milestones shortly, I'm happy to take suggestions.  And
>> > > per the usual, comments are welcome.
>> >
>> > Milestones for the adopted drafts would be good :)
>> >
>> > g-IKEv2 is scheduled for IESG already, so a Milestone of March maybe
>> > :)
>>
>> Our milestones used to be for submitting for the IESG, and that is
>> already past.
>>
>> > I think draft-ietf-ipsecme-ikev2-qr-alt-05 is more or less ready as
>> > well.
>>
>> Agreed.
>>
>> > draft-ietf-ipsecme-ikev2-sa-ts-payloads-opt-03  needs some work
>> > but once the PFS parts are split into their own doc, might be mostly
>> > waiting on implementation and interop testing. So maybe aim for July?
>> >
>> > I am far less clear about the diet-ESP work, which seems stalled and
>> > seems to lack implementer support right now?
>>
>> These are waiting for me to start WGLC, and I wanted to read them
>> first before starting that, but as it seems I am not able to do that
>> before the IEEE meeting next week, I will start WGLC now.
>> --
>> kivi...@iki.fi
>>
>
_______________________________________________
IPsec mailing list -- ipsec@ietf.org
To unsubscribe send an email to ipsec-le...@ietf.org
