Technical Summary
This document describes a method to avoid IP fragmentation in large
IKEv2 messages. It shows how to perform fragmentation in IKEv2
itself, replacing them by series of smaller messages.
This allows IKEv2 messages to traverse network devices that don't
allow IP fragments to pass through.
Given that this is a protocol extension, it is meant to be a
Proposed Standard.
Working Group Summary
Was there anything in the WG process that is worth noting?
The WG discussion of the document was fairly good, with about
average participation (which for the IPsecME WG means "the chairs
had to beg a bit for more participants, but we then got them"). We
also got a "TSVDIR-ish review" of the draft, which got good
discussion on the list. There was a reasonable amount of give-and-
take, and the WG Last Call was uncontentious. A significant point
was brought up during IETF Last Call, and was added to the Security
Considerations as a result of the SecDir review.
A few issues came up during the first IESG review. Another series
of edits occurred along with detailed reviews by a couple of area
experts. The edited draft went back through WG last call and is
ready for IESG review again.
Document Quality
The draft had working group consensus and there is one implementation
to date.
The WG discussion of the document was fairly good, with about average
participation (which for the IPsecME WG means "the chairs had to beg a
bit for more participants, but we then got them"). We also got a
"TSVDIR-ish review" of the draft, which got good discussion on the
list. There was a reasonable amount of give-and-take, and the WG Last
Call was uncontentious. A significant point was brought up during IETF
Last Call, and was added to the Security Considerations."
Personnel
Paul Hoffman (IPsecME WG co-chair) is the document shepherd and Kathleen Moriarty is the
responsible AD.