[[ Another nudge to keep this thread going. If you care about the charter, please comment. ]]
On Jul 19, 2014, at 9:48 AM, Yaron Sheffer <[email protected]> wrote: > IPsec folks, > > Our existing charter (http://tools.ietf.org/wg/ipsecme/charters) is badly out > of date. Below is a proposed charter revision. Please review and comment on > the list. We might also discuss the new charter in the face-to-face next week. > > Thanks, > Paul and Yaron > > > IP Security Maintenance and Extensions (ipsecme) > ------------------------------------------------ > > Charter > > Current Status: Active > > Chairs: > Paul E. Hoffman <[email protected]> > Yaron Sheffer <[email protected]> > > Security Area Directors: > Stephen Farrell <[email protected]> > Kathleen Moriarty <[email protected]> > > Security Area Advisor: > Kathleen Moriarty <[email protected]> > > Mailing Lists: > General Discussion: [email protected] > To Subscribe: https://www.ietf.org/mailman/listinfo/ipsec > Archive: http://www.ietf.org/mail-archive/web/ipsec/ > > Description of Working Group: > > The IPsec suite of protocols includes IKEv1 (RFC 2409 > and associated RFCs), IKEv2 (RFC 5996), and the IPsec > security architecture (RFC 4301). IPsec is widely > deployed in VPN gateways, VPN remote access clients, > and as a substrate for host-to-host, host-to-network, > and network-to-network security. > > The IPsec Maintenance and Extensions Working Group > continues the work of the earlier IPsec Working Group > which was concluded in 2005. Its purpose is to maintain > the IPsec standard and to facilitate discussion of > clarifications, improvements, and extensions to IPsec, > mostly to IKEv2. The working group also serves as a > focus point for other IETF Working Groups who use IPsec > in their own protocols. > > The current work items include: > > Recently discovered incorrect behavior of ISPs poses a > challenge to IKE, whose UDP messages (especially #3 and #4) > sometimes get fragmented at the IP level and then dropped > by these ISPs. There is interest in solving this issue by > allowing transport of IKE over TCP; this is currently > implemented by some vendors. The group will standardize such > a solution. > > The WG will review and revise the list of mandatory-to- > implement algorithms for ESP and AH based on five years of experience > with newer algorithms and cryptographic modes. > > The WG will revise the IKEv2 specification with a small number > of mandatory tests required for the secure operation of IKEv2 > when using elliptic curve cryptography. This work will be based > on draft-sheffer-ipsecme-dh-checks. > > IKEv2 has had many interoperable implementations and can now be considered > a mature protocol. The WG will republish the protocol as an Internet > Standard. > > At the time of writing, all the above are in late stages of the IETF > process. > Therefore, the WG will go into low-power mode: it will remain active as a > focal point > for the IPsec community. But it will only take on new work items if a > strong community > interest can be seen. > > This charter will expire in July 2015 (12 months from approval). > If the charter is not updated before that time, the WG will be > closed and any remaining documents revert back to individual > Internet-Drafts. > > > Goals and Milestones: > > Done - IETF Last Call on large scale VPN use cases and requirements > Done - IETF last call on IKE fragmentation solution > Done - IETF last call on new mandatory-to-implement algorithms > > [No current milestones] > _______________________________________________ > IPsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
