# IP Security Maintenance and Extensions (IPsecME) WG. {#ip-security-maintenance-and-extensions-ipsecme-wg}

IETF 115 - Wednesday November 9th, 2022 15:00-16:30 UTC

https://meetings.conf.meetecho.com/ietf115/?group=ipsecme&short=&item=1

## Agenda {#agenda}

* Note Well, Agenda Bashing and logistics - 5 min
* Document status - 5 min
* multi-sa update - 5 min
  * draft-pwouters-ipsecme-multi-sa-performance-05
  * Paul Wouters
* IPsec workshop report - 10 minutes
  * Steffen Klassert
* IPComp Extension - 10 min
  * draft-ls-6man-ipcomp-exclude-transport-layer
  * Hang Shi
* New IKEv2 payload format - 15 min
  * Valery Smyslov
* Revised Cookie Processing in IKEv2 - 10 min
  * draft-smyslov-ipsecme-ikev2-cookie-revised
  * Valery Smyslov
* Inter-domain source address validation using RPKI and IPsec - 15 min
  * draft-xu-risav and draft-xu-erisav
  * Yangfei Guo
* IKEv2 Optional SA&TS Payloads in Child Exchange - 10 min
  * draft-kampati-ipsecme-ikev2-sa-ts-payloads-opt
  * Wei PAN (潘伟)
* IPsec anti-replay subspaces - 10 min
  * draft-ponchon-ipsecme-anti-replay-subspaces
  * Paul Ponchon
* If time permits:
  * Traffic Selector with DSCP - Daniel Migault
  * MTU fragmentation - Daniel Migault

## Working Group Minutes {#working-group-minutes}

### Note Well, Agenda Bashing and logistics {#note-well-agenda-bashing-and-logistics}

*(chairs)*

Tero Kivinen noted we will likely not get to the last two items on the agenda.

### Document status {#document-status}

*(chairs)*

* 4 I-Ds in RFC Editor's queue
* 2 Pub request
* 1 Waiting for write-up (Paul asked Tero to try to get this done ASAP)
* 1 WGLC
* 2 In progress

### Multi SA update {#multi-sa-update}

*(Paul Wouters)*

draft-pwouters-ipsecme-multi-sa-performance-04

[Slides][1]

**Paul Ponchon**: We are facing similar issues. One concern is that by adding more SAs we could face scalability issues.

**Paul Wouters**: More than one SA/tunnel might cause problems?

**Paul P**: In some situations you might have a few that add a lot.
**Paul Wouters**: When you have a lot of clients and tunnels you're spreading them out over CPUs.

**Valery Smyslov**: I support adoption of this I-D. Will have some experimentation. It's a good starting point.

**Daniel Migault**: I think it's a problem that we need to solve. It would be more complicated to have multiple SAs. We should limit the number of SAs.

**Christian Hopps**: I was excited to hear you have an implementation.

**Paul Wouters**: It's in the implementation section.

### IPsec workshop report {#ipsec-workshop-report}

*(Steffen Klassert)*

[Slides][2]

No comments

### IPComp Extension {#ipcomp-extension}

*(Hang Shi)*

draft-ls-6man-ipcomp-exclude-transport-layer

[Slides][3]

**Yoav Nir**: IPComp has been deprecated and mostly hidden. As much deprecated as AH. Fine to decouple it, but not sure how useful it is.

**Tero Kivinen**: Decouple means move it to another WG.

**Paul Wouters**: One way to make this go away is to not use IPComp. If the use case is MTU issues, then use IPTFS.

**Hang**: It's about bandwidth.

**Eric (INT AD)**: We just got the draft that compresses directly over IP. SHAKE?

**Tero Kivinen**: MTU problems start to appear if you add compression header overhead without actually compressing the packet.

**Daniel Migault**: Look at SHAKE.

### New IKEv2 payload format {#new-ikev2-payload-format}

*(Valery Smyslov)*

[Slides][4]

**Daniel Migault**: I think it's interesting. When we decrease redundancy, is it easier or harder?

**Valery Smyslov**: It's moderate. But easy to build into existing systems, but not that much.

**Tero Kivinen**: I think this is two separate work items. Would like to have one solution for each. There has to be interest and there appears to be interest.

### Revised Cookie Processing in IKEv2 {#revised-cookie-processing-in-ikev2}

*(Valery Smyslov)*

draft-smyslov-ipsecme-ikev2-cookie-revised

[Slides][5]

**Tero Kivinen**: I think this is a little bit questionable.
It's a flaw, but the question is that if it doesn't affect the security, then maybe it's okay to leave alone. Maybe there's another way to do this ...

**Tero**: Send a "this is the cookie that was used" in the IKE\_AUTH responder. It is optional. Could fix it. You now know WHY auth failed and know you can retry from scratch.

**Smyslov**: Might be a good idea, but what to do if you notice the cookie is different?

**Tero**: Send an error notification saying the cookie changed.

**Paul Wouters**: If Valery volunteers I can help out here. Also have some questions about how often this happens.

Paul mumbled some wrong things and retracted :)

**Tero**: Need to get more comments. Valery to send a message to the list to gauge interest.

### Inter-domain source address validation using RPKI and IPsec {#inter-domain-source-address-validation-using-rpki-and-ipsec}

*(Yangfei Guo)*

draft-xu-risav and draft-xu-erisav

[Slides][6]

**Paul W**: 1) Slide 4: yes, it's delete/notify. 2) ICV is optional depending on the packet format, but its use is mandated by the cipher (ICV for non-AEAD, no ICV for AEAD). 3) Transport mode can only be requested as a preference. Tunnel mode fallback is mandatory. Sorry to those who hate us for that.

**Scott Fluhrer**: On static-static DH, there is no PQ equivalent. Better to avoid it.

**Ben Schwartz**: This is an early stage proposal. This is really closely related to the anti-replay proposal.

### IKEv2 Optional SA&TS Payloads in Child Exchange {#ikev2-optional-sats-payloads-in-child-exchange}

*(Wei PAN (潘伟))*

draft-kampati-ipsecme-ikev2-sa-ts-payloads-opt

[Slides][7]

**Tero**: Slide 3: The middle option is from ... option for IKE SA doesn't really apply.

**Wei Wang**: Did you have deployment in any operator's network?

**Wei Pan**: As far as I know the base station has deployed this in their 5G network.

**Wei Wang**: Very interested in this solution.

**Chan Meiling**: Used by low power systems. Support adoption.

**Valery Smyslov**: Read it and support adoption.
**Tero**: After the presentation, this I-D will be in WG adoption.

### IPsec anti-replay subspaces {#ipsec-anti-replay-subspaces}

*(Paul Ponchon)*

draft-ponchon-ipsecme-anti-replay-subspaces

[Slides][8]

**Scott Fluhrer**: For the GCM nonce issue, remember 32 bits are coming from the KEX. Take the subspace from there, then no collisions.

**Ben Schwartz**: This is one of the main problems while trying to do this. Would prefer a pure stateless solution. Prefers option #2. Also talked about trying to hash the source ID of the sender into the secret used for decryption and validation.

**Daniel Migault**: We do support this work and are happy to work together.

**Tero Kivinen (no hat)**: We already have a 32 bit sending ID; it's called SPIs. Multiple SAs is the solution for that. Mandatory to generate sequence numbers, but checking the replay protection window is not. Not sure you are getting much help here.

**Steffen Klassert**: Rough consensus shows we work on this. Let's do an interim to address this!

**Ben Schwartz**: To respond to Tero, disabling replay protection seems dangerous.

(more back and forth I didn't catch)

**Pierre Pfister**: I think it's a concern of anti-replay. Serious concerns about scaling.
### Traffic Selector with DSCP {#traffic-selector-with-dscp}

*(Daniel Migault)*

[Slides][9]

Ran out of time.

### MTU fragmentation {#mtu-fragmentation}

*(Daniel Migault)*

Ran out of time.

## END {#end}

[1]: https://datatracker.ietf.org/meeting/115/materials/slides-115-ipsecme-draft-pwouters-multi-sa-performance
[2]: https://datatracker.ietf.org/meeting/115/materials/slides-115-ipsecme-ipsec-workshop-report
[3]: https://datatracker.ietf.org/meeting/115/materials/slides-115-ipsecme-ipcomp-excluding-transport-layer
[4]: https://datatracker.ietf.org/meeting/115/materials/slides-115-ipsecme-new-ikev2-payload-format
[5]: https://datatracker.ietf.org/meeting/115/materials/slides-115-ipsecme-revised-cookie-processing-in-ikev2
[6]: https://datatracker.ietf.org/meeting/115/materials/slides-115-ipsecme-an-rpki-and-ipsec-based-as-to-as-approach-for-source-address-validation
[7]: https://datatracker.ietf.org/meeting/115/materials/slides-115-ipsecme-ikev2-optional-sats-payloads-in-child-exchange
[8]: https://datatracker.ietf.org/meeting/115/materials/slides-115-ipsecme-ipsec-anti-replay-subspaces
[9]: https://datatracker.ietf.org/meeting/115/materials/slides-115-ipsecme-classifier-for-dscpecn