Spencer Dawkins has entered the following ballot position for charter-ietf-ipsecme-10-02: No Objection
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/charter-ietf-ipsecme/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Not for IPSECME, but for the IESG ... I don't object to this work: "There have been middle boxes blocking IKE negotiation over UDP. To make IKE work in these environments, IKE and ESP packets need to be transmitted over TCP. Therefore the group will define a mechanism to use IKE and IPsec over TCP. The group will also provide guidance on how to detect when IKE cannot be negotiated over UDP, and TCP should be used as a fallback" because what's described is going from UDP to TCP, which avoids a lot of challenges that going from TCP to UDP gives you, but it would be good for us to talk about all the ways that people are detecting poor performance, and even complete failures, in one protocol and switching to another protocol in response. I note that Ian Swett reported in Berlin that Google sees QUIC affected by UDP impairments, including blocking, about five percent of the time, and they also fall back to TCP, so this is a current problem affecting work in multiple areas. Perhaps this is a a good topic for an upcoming informal telechat. _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
