We support the proposals and will publish updated the documents regarding diet-esp and its associated IKEv2 extension. We believe draft-mglt-ipsecme-diet-esp and draft-ipsecme-ikev2-extention could be a good starting point.
The proposed text for the charter could be: A growing number of use cases for constraint network - but not limited to - have shown interest in reducing ESP overhead by compressing ESP fields. The WG will define extensions of ESP and IKEv2 to enable ESP header compression. draft-mglt-ipsecme-diet-esp and draft-mglt-ipsecme-ikev2-extention are expected to be good starting points. Yours, Daniel On Fri, Oct 27, 2017 at 12:33 PM, Tommy Pauly <[email protected]> wrote: > + 1 to these proposals > > I'd also like to see the work on drafts like DIET-ESP > (draft-mglt-ipsecme-diet-esp-04) be incorporated. I think we'll have some > growing use cases for IPsec in constrained networks, and as that develops, > extensions and modifications to the protocol to make IKEv2 and ESP work > efficiently in those conditions will be necessary. (These would likely fall > into the host-to-host use case described in the charter.) > > Thanks, > Tommy > > > On Oct 27, 2017, at 7:51 AM, Valery Smyslov <[email protected]> wrote: > > > > Hi, > > > > I think that the following items can be considered for the new charter. > > > > 1. Develop load sharing cluster solution for IKEv2/IPsec. The possible > charter text: > > > > MOBIKE protocol [RFC4555] is used to move existing > > IKE/IPsec SA from one IP address to another. However, > > in MOBIKE it is the initiator of the IKE SA (i.e. remote access > client) > > that controls this process. If there are several responders > > each having own IP address and acting together as a load sharing > cluster, > > then it is desirable for them to have ability to request initiator > to switch to > > a particular member. The working group will analyze the > possibility > > to extend MOBIKE protocol or to develop new IKE extension > > that will allow to build load sharing clusters in an interoperable > way. > > > > 2. Make IKEv2 Postquantum Cryptography ready. In particular - make it > > able to transfer large payloads in initial exchange without having > > IP fragmentation issues. The possible charter text: > > > > Postquantum Cryptography brings new key exchange methods. > > Most of these methods that are known to date have much larger > public > > keys then conventional Diffie-Hellman public keys. Direct using > > these methods in IKEv2 might lead to a number of problems > > due to the increased size of initial IKEv2 messages. The working > group will > > analyze the possible problems and develop a solution, that will > > make adding Postquantum key exchange methods more easy. > > > > Regards, > > Valery. > > > > > >> We will be meeting at Monday morning 09:30-11:00 for 1.5 hours. Our > >> main agenda item will be the rechartering text, i.e., our charter will > >> expire by the end of year, and we have most of our chartered work > >> already completed, or almost finished, so we need to decide what new > >> items (if any) we take to our charter, or wheter we shut down the WG. > >> > >> In last IETF we had people with items which we could add to charter, > >> so I want those people wanting to add things to charter to send an > >> email to the mailing list about what items they would like to propose > >> to the charter, and preliminary charter text for the item. > >> > >> If we do not receive any proposed charter texts, then I assume we do > >> not have any more work to do after we finish our current charter... > >> > >> Also if there is people wanting to present anything in the next > >> IPsecME IETF session, send email to wg chairs [email protected]. > >> -- > >> [email protected] > >> > >> _______________________________________________ > >> IPsec mailing list > >> [email protected] > >> https://www.ietf.org/mailman/listinfo/ipsec > > > > _______________________________________________ > > IPsec mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/ipsec > > _______________________________________________ > IPsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ipsec >
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
