Hi Paul, Thanks for your comments.
> On Jan 5, 2017, at 2:48 PM, Paul Wouters <[email protected]> wrote: > > On Wed, 4 Jan 2017, Brian Weis (bew) wrote: > >> >> In Seoul there was a presentation on the GDOI GROUPKEY-PUSH Acknowledgment >> Message (https://datatracker.ietf.org/doc/draft-weis-gdoi-rekey-ack/), an >> update to RFC 6407 (GDOI) — a group key management protocol using IKEv1. >> GDOI was originally managed by the MSEC WG, which is no longer active. The >> question was asked as to whether there was any interest in the IPSECME >> working group in this work, and the authors were asked to take the question >> to this list. Please respond if you believe the draft should be managed >> within IPSECME, rather than as an AD sponsored draft (which is the >> alternative plan). > > Is 6407 actually implemented for IKEv2? It really reads as an IKEv1 > plugin. Similarly, this also seems like an IKEv1 plugin for that > plugin. I'm a little surprised 6407 is Standards Track. Correct, it’s based on IKEv1. We understand that IPSECME is focused on IKEv2, but were asked to make sure that the working group was not interested before taking another path. > I wasn't around when 6407 happened. It seems like a very complicated > keying protocol that just happens to be run inside IKE (although on > a different port?). The goal of the 6407 is to provide key management for IP multicast flows. The IKE1 protocol re-use for 6407 makes sense for the devices that supported IPsec protection for both unicast and multicast traffic. > I'm not sure how many people within ipsecme > are familiar with this and would want to work on this document. As > it seems to not affect IKEv2 on port (4)500, I feel it is probably > best done without adoption by the WG. Thanks. > Although it currently says > Standards Track, so I'm not sure if it can be that and AD sponsored? Kathleen has agreed to AD sponsor the draft if ipsecme is not interested. Brian > > Paul -- Brian Weis Security, CSG, Cisco Systems Telephone: +1 408 526 4796 Email: [email protected] _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
