# IP Security Maintenance and Extensions (ipsecme) WG IETF 111 - Monday July 26th, 2021 21:30-22:30 UTC ## Agenda * Note Well, technical difficulties and agenda bashing - Chairs (5 min) * Document Status - Chairs (5 min) * Work items * Hybrid IKEv2 Interoperability Testing - Valery Smyslov (5 min) * Improvements for post-quantum IKEv2 - Daniel Herzinger (5 min) * Management of IPTFS (Yang and SNMP draft) - Don Fedyk (10 min) * New items * Internet Key Exchange Protocol Version 2 (IKEv2) Configuration for Encrypted DNS - Valery Smyslov (10 min) * Beyond 64KB Limit of IKEv2 Payloads - Valery Smyslov (10 min) * IKEv2 Optional SA&TS Payloads in Child Exchange - William Panwei (5 min) * IKEv2 support for per-queue Child SAs - Paul Wouters (5 min) * AOB + Open Mic (0 min) ### Document Status Chairs (5 min) Chris: We would ask that if there is more required on IPTFS for sending to IESG, that we do this quickly, as it's been a full cycle since WGLC Tero: Yes, sounds good will get to this this week. * Chairs promised to write the shepherd writeup for IPTFS and for IKE-Intermediate ### Hybrid IKEv2 Interoperability Testing Valery Smyslov (5 min) [draft-ietf-ipsecme-ikev2-intermediate](https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-intermediate/) [draft-ietf-ipsecme-ikev2-multiple-ke](https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-multiple-ke/) ### Improvements for post-quantum IKEv2 Daniel Herzinger (5 min) ### Management of IPTFS (Yang and SNMP draft) Don Fedyk (10 min) [draft-ietf-ipsecme-yang-iptfs](https://datatracker.ietf.org/doc/draft-ietf-ipsecme-yang-iptfs/) [draft-ietf-ipsecme-mib-iptfs](https://datatracker.ietf.org/doc/draft-ietf-ipsecme-mib-iptfs/) Don: Asked for WGLC Tero: We have 3 WGLC ongoing, and are finishing moving the base draft to IESG. So in about a month from now we can WGLC Don: Ok, perhaps we can start YANG doctor reviews in preperation Tero: Ok. ### Internet Key Exchange Protocol Version 2 (IKEv2) Configuration for Encrypted DNS Valery Smyslov (10 min) [draft-btw-add-ipsecme-ike](https://datatracker.ietf.org/doc/draft-btw-add-ipsecme-ike/) ### Beyond 64KB Limit of IKEv2 Payloads Valery Smyslov (10 min) [draft-tjhai-ikev2-beyond-64k-limit](https://datatracker.ietf.org/doc/draft-tjhai-ikev2-beyond-64k-limit/) Paul: Asked why we are using TCP when the world is going to UDP. Valery: TCP is optional. Can use UDP, just less reliable. Yoav: Suggested there are other formats. Valery: This was considered in earlier draft but it is a larger change to the protocol. Valery Asked for WG adoption. Tero: If falls withing the charter and for the last two drafts can make adoption calls. ### IKEv2 Optional SA&TS Payloads in Child Exchange William Panwei (5 min) [draft-kampati-ipsecme-ikev2-sa-ts-payloads-opt](https://datatracker.ietf.org/doc/draft-kampati-ipsecme-ikev2-sa-ts-payloads-opt/) Panwei: Ask for WG adoption. Valery: In favor of Notify - SHOULD be supported. What about the very first CHild SA ? It inheirits from IKE? Paul: IN teh Trafic selctors there is signalling for PFS - Take to mailing list. ### IKEv2 support for per-queue Child SAs Paul Wouters (5 min) [draft-pwouters-ipsecme-multi-sa-performance](https://datatracker.ietf.org/doc/draft-pwouters-ipsecme-multi-sa-performance/) Tero: Maybe outside charter. Have to dicuss with AD and authors to see if it fits. Email to list. Ben: At the SAAG session post Quantum presenations. ### AOB + Open Mic (0 min)