Hi, I am unclear about the implications of the suggestion, as I do not find any reference to ESP Compression in the charter or the milestones. I am wondering if I may be overlooking a crucial aspect of the discussion. Additionally, there is a minor typo in the draft name; it should read draft-ietf-ipsecme-diet-esp-extension rather than draft-ietf-ipsecme-ikev2-diet-esp-extension. We anticipate that these items can be submitted to the IESG in February 2025, assuming they are indeed milestones.
I am not requesting an update to the charter; however, upon reviewing it, I realize the WG only mention IKEv2 and question whether it would be more appropriate to refer to it simply as IKE, given that IKEv1 is clearly deprecated. Yours, Daniel On Fri, Jan 24, 2025 at 6:20 AM Deb Cooley <debcool...@gmail.com> wrote: > An update: I have one small typo to correct (see my reply to Murray) and > a list of milestones. > > I suggest: > Add support for preshared keys to initial IKEv2 SA: > draft-ietf-ipsecme-ikev2-qr-alt > Add support for reducing size and complexity of IKEv2 exchanges: > draft-ietf-ipsecme-ikev2-sa-ts-payloads-opt-03 > ESP compression Profile: draft-ietf-ipsecme-diet-esp and > draft-ietf-ipsecme-diet-esp-extensions > Tools for debugging IPsec configurations: > > I'm happy to take comments. These milestones don't have to be perfect, > they just have to exist. I can include or remove the actual draft titles, > if that seems better. > > I'd like to submit this for external review by Monday. > > Deb > > On Thu, Jan 9, 2025 at 8:27 AM Deb Cooley <debcool...@gmail.com> wrote: > >> Updated, see here for the changes: >> >> >> https://author-tools.ietf.org/iddiff?url1=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fcharter-ietf-ipsecme%2Fwithmilestones-13-00.txt&url2=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fcharter-ietf-ipsecme%2Fwithmilestones-13-01.txt&difftype=--html >> >> It is on the telechat for 23 Jan for the informal round of review. >> >> Deb >> >> On Wed, Jan 8, 2025 at 6:11 PM Tero Kivinen <kivi...@iki.fi> wrote: >> >>> Paul Wouters writes: >>> > This work item may also include solutions for transport issues >>> > because of larger payload and message sizes. >>> > >>> > I believe this work is already complete with the INTERMEDIATE exchange, >>> > so I think this sentence can be removed? >>> >>> No. This also includes things using TCP for IKEv2 for reliability and >>> large messages, and then switching to ESP for actual IPsec. And also a >>> case where we end up having payloads that are over 64k where IKEv2 >>> basic payload code would need changes (not sure if we end up having >>> payloads that are larger than 64k, some thing may also be done using >>> other methods than large payloads). >>> >>> > for example sha3, >>> > >>> > Maybe leave that out, as there is a trend now to not specify SHA3 for >>> > use with classic algorithms? >>> >>> There was request to add that, and I do not see any reason why remove >>> it. If we do not want to specify it later then we simply do not have >>> draft for that. >>> >>> > The charter doesn't mention the g-IKEv2 work and any of the other 4 >>> > adopted documents in progress. Is that covered under a "maintenance" >>> > part of the charter? I didn't really see that part mentioned, eg >>> > "work on IKEv2 minor extensions". (although g-IKEv2 is not "minor" I >>> > think) >>> >>> G-ikev2 and rename-esn have already be submitted to the IESG, thus are >>> already out from the WG charter. >>> >>> Diet-esp and Diet-esp-extension should be going out soon after I have >>> time to read them, they were in the last charter and we are finishing >>> them using old charter. >>> >>> QR-alt should be also going out to the IESG after shephard writeup. >>> >>> sa-ts-payloads-opt can be covered by maintenance parts (it was in >>> previous charter). >>> >>> > >>> > > We will need milestones shortly, I'm happy to take suggestions. And >>> per the usual, comments are welcome. >>> > >>> > Milestones for the adopted drafts would be good :) >>> > >>> > g-IKEv2 is scheduled for IESG already, so a Milestone of March maybe >>> > :) >>> >>> Our milestones used to be for submitting for the IESG, and that is >>> already past. >>> >>> > I think draft-ietf-ipsecme-ikev2-qr-alt-05 is more or less ready as >>> > well. >>> >>> Agreed. >>> >>> > draft-ietf-ipsecme-ikev2-sa-ts-payloads-opt-03 needs some work >>> > but once the PFS parts are split into their own doc, might be mostly >>> > waiting on implementation and interop testing. So maybe aim for July? >>> > >>> > I am far less clear about the diet-ESP work, which seems stalled and >>> > seems to lack implementer support right now? >>> >>> These are waiting for me to start WGLC, and I wanted to read them >>> first before starting that, but as it seems I am not able to do that >>> before the IEEE meeting next week, I will start WGLC now. >>> -- >>> kivi...@iki.fi >>> >> _______________________________________________ > IPsec mailing list -- ipsec@ietf.org > To unsubscribe send an email to ipsec-le...@ietf.org > -- Daniel Migault Ericsson
_______________________________________________ IPsec mailing list -- ipsec@ietf.org To unsubscribe send an email to ipsec-le...@ietf.org