Skip to main content

Minutes IETF111: ipsecme
minutes-111-ipsecme-01

Meeting Minutes IP Security Maintenance and Extensions (ipsecme) WG
Date and time 2021-07-26 21:30
Title Minutes IETF111: ipsecme
State Active
Other versions markdown
Last updated 2021-07-29

minutes-111-ipsecme-01

IP Security Maintenance and Extensions (ipsecme) WG

IETF 111 - Monday July 26th, 2021 21:30-22:30 UTC

Agenda

  • Note Well, technical difficulties and agenda bashing - Chairs (5 min)
  • Document Status - Chairs (5 min)
  • Work items
  • Hybrid IKEv2 Interoperability Testing - Valery Smyslov (5 min)
  • Improvements for post-quantum IKEv2 - Daniel Herzinger (5 min)
  • Management of IPTFS (Yang and SNMP draft) - Don Fedyk (10 min)
  • New items
  • Internet Key Exchange Protocol Version 2 (IKEv2) Configuration for Encrypted DNS - Valery Smyslov (10 min)
  • Beyond 64KB Limit of IKEv2 Payloads - Valery Smyslov (10 min)
  • IKEv2 Optional SA&TS Payloads in Child Exchange - William Panwei (5 min)
  • IKEv2 support for per-queue Child SAs - Paul Wouters (5 min)
  • AOB + Open Mic (0 min)

Document Status

Chairs (5 min)

Chris: We would ask that if there is more required on IPTFS for sending to IESG, that we do this quickly, as it's been a full cycle since WGLC

Tero: Yes, sounds good will get to this this week.

  • Chairs promised to write the shepherd writeup for IPTFS and for IKE-Intermediate

Hybrid IKEv2 Interoperability Testing

Valery Smyslov (5 min)

draft-ietf-ipsecme-ikev2-intermediate

draft-ietf-ipsecme-ikev2-multiple-ke

Improvements for post-quantum IKEv2

Daniel Herzinger (5 min)

Management of IPTFS (Yang and SNMP draft)

Don Fedyk (10 min)

draft-ietf-ipsecme-yang-iptfs

draft-ietf-ipsecme-mib-iptfs

Don: Asked for WGLC

Tero: We have 3 WGLC ongoing, and are finishing moving the base draft to IESG. So in about a month from now we can WGLC

Don: Ok, perhaps we can start YANG doctor reviews in preperation

Tero: Ok.

Internet Key Exchange Protocol Version 2 (IKEv2) Configuration for Encrypted DNS

Valery Smyslov (10 min)

draft-btw-add-ipsecme-ike

Beyond 64KB Limit of IKEv2 Payloads

Valery Smyslov (10 min)

draft-tjhai-ikev2-beyond-64k-limit

Paul: Asked why we are using TCP when the world is going to UDP.

Valery: TCP is optional. Can use UDP, just less reliable.

Yoav: Suggested there are other formats.

Valery: This was considered in earlier draft but it is a larger change to the protocol.

Valery Asked for WG adoption.

Tero: If falls withing the charter and for the last two drafts can make adoption calls.

IKEv2 Optional SA&TS Payloads in Child Exchange

William Panwei (5 min)

draft-kampati-ipsecme-ikev2-sa-ts-payloads-opt

Panwei: Ask for WG adoption.

Valery: In favor of Notify - SHOULD be supported. What about the very first CHild SA ? It inheirits from IKE?

Paul: IN teh Trafic selctors there is signalling for PFS - Take to mailing list.

IKEv2 support for per-queue Child SAs

Paul Wouters (5 min)

draft-pwouters-ipsecme-multi-sa-performance

Tero: Maybe outside charter. Have to dicuss with AD and authors to see if it fits. Email to list.

Ben: At the SAAG session post Quantum presenations.

AOB + Open Mic (0 min)