Minutes IETF111: ipsecme
minutes-111-ipsecme-01
Meeting Minutes | IP Security Maintenance and Extensions (ipsecme) WG | |
---|---|---|
Date and time | 2021-07-26 21:30 | |
Title | Minutes IETF111: ipsecme | |
State | Active | |
Other versions | markdown | |
Last updated | 2021-07-29 |
IP Security Maintenance and Extensions (ipsecme) WG
IETF 111 - Monday July 26th, 2021 21:30-22:30 UTC
Agenda
- Note Well, technical difficulties and agenda bashing - Chairs (5 min)
- Document Status - Chairs (5 min)
- Work items
- Hybrid IKEv2 Interoperability Testing - Valery Smyslov (5 min)
- Improvements for post-quantum IKEv2 - Daniel Herzinger (5 min)
- Management of IPTFS (Yang and SNMP draft) - Don Fedyk (10 min)
- New items
- Internet Key Exchange Protocol Version 2 (IKEv2) Configuration for Encrypted DNS - Valery Smyslov (10 min)
- Beyond 64KB Limit of IKEv2 Payloads - Valery Smyslov (10 min)
- IKEv2 Optional SA&TS Payloads in Child Exchange - William Panwei (5 min)
- IKEv2 support for per-queue Child SAs - Paul Wouters (5 min)
- AOB + Open Mic (0 min)
Document Status
Chairs (5 min)
Chris: We would ask that if there is more required on IPTFS for sending to IESG, that we do this quickly, as it's been a full cycle since WGLC
Tero: Yes, sounds good will get to this this week.
- Chairs promised to write the shepherd writeup for IPTFS and for IKE-Intermediate
Hybrid IKEv2 Interoperability Testing
Valery Smyslov (5 min)
draft-ietf-ipsecme-ikev2-intermediate
draft-ietf-ipsecme-ikev2-multiple-ke
Improvements for post-quantum IKEv2
Daniel Herzinger (5 min)
Management of IPTFS (Yang and SNMP draft)
Don Fedyk (10 min)
Don: Asked for WGLC
Tero: We have 3 WGLC ongoing, and are finishing moving the base draft to IESG. So in about a month from now we can WGLC
Don: Ok, perhaps we can start YANG doctor reviews in preperation
Tero: Ok.
Internet Key Exchange Protocol Version 2 (IKEv2) Configuration for Encrypted DNS
Valery Smyslov (10 min)
Beyond 64KB Limit of IKEv2 Payloads
Valery Smyslov (10 min)
draft-tjhai-ikev2-beyond-64k-limit
Paul: Asked why we are using TCP when the world is going to UDP.
Valery: TCP is optional. Can use UDP, just less reliable.
Yoav: Suggested there are other formats.
Valery: This was considered in earlier draft but it is a larger change to the protocol.
Valery Asked for WG adoption.
Tero: If falls withing the charter and for the last two drafts can make adoption calls.
IKEv2 Optional SA&TS Payloads in Child Exchange
William Panwei (5 min)
draft-kampati-ipsecme-ikev2-sa-ts-payloads-opt
Panwei: Ask for WG adoption.
Valery: In favor of Notify - SHOULD be supported. What about the very first CHild SA ? It inheirits from IKE?
Paul: IN teh Trafic selctors there is signalling for PFS - Take to mailing list.
IKEv2 support for per-queue Child SAs
Paul Wouters (5 min)
draft-pwouters-ipsecme-multi-sa-performance
Tero: Maybe outside charter. Have to dicuss with AD and authors to see if it fits. Email to list.
Ben: At the SAAG session post Quantum presenations.