+ 1 to these proposals I'd also like to see the work on drafts like DIET-ESP (draft-mglt-ipsecme-diet-esp-04) be incorporated. I think we'll have some growing use cases for IPsec in constrained networks, and as that develops, extensions and modifications to the protocol to make IKEv2 and ESP work efficiently in those conditions will be necessary. (These would likely fall into the host-to-host use case described in the charter.)
Thanks, Tommy > On Oct 27, 2017, at 7:51 AM, Valery Smyslov <[email protected]> wrote: > > Hi, > > I think that the following items can be considered for the new charter. > > 1. Develop load sharing cluster solution for IKEv2/IPsec. The possible > charter text: > > MOBIKE protocol [RFC4555] is used to move existing > IKE/IPsec SA from one IP address to another. However, > in MOBIKE it is the initiator of the IKE SA (i.e. remote access client) > that controls this process. If there are several responders > each having own IP address and acting together as a load sharing > cluster, > then it is desirable for them to have ability to request initiator to > switch to > a particular member. The working group will analyze the possibility > to extend MOBIKE protocol or to develop new IKE extension > that will allow to build load sharing clusters in an interoperable way. > > 2. Make IKEv2 Postquantum Cryptography ready. In particular - make it > able to transfer large payloads in initial exchange without having > IP fragmentation issues. The possible charter text: > > Postquantum Cryptography brings new key exchange methods. > Most of these methods that are known to date have much larger public > keys then conventional Diffie-Hellman public keys. Direct using > these methods in IKEv2 might lead to a number of problems > due to the increased size of initial IKEv2 messages. The working group > will > analyze the possible problems and develop a solution, that will > make adding Postquantum key exchange methods more easy. > > Regards, > Valery. > > >> We will be meeting at Monday morning 09:30-11:00 for 1.5 hours. Our >> main agenda item will be the rechartering text, i.e., our charter will >> expire by the end of year, and we have most of our chartered work >> already completed, or almost finished, so we need to decide what new >> items (if any) we take to our charter, or wheter we shut down the WG. >> >> In last IETF we had people with items which we could add to charter, >> so I want those people wanting to add things to charter to send an >> email to the mailing list about what items they would like to propose >> to the charter, and preliminary charter text for the item. >> >> If we do not receive any proposed charter texts, then I assume we do >> not have any more work to do after we finish our current charter... >> >> Also if there is people wanting to present anything in the next >> IPsecME IETF session, send email to wg chairs [email protected]. >> -- >> [email protected] >> >> _______________________________________________ >> IPsec mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/ipsec > > _______________________________________________ > IPsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
