Hi Jun, > The earlier we get rid of IKEv1, the better > Just one comment, regarding "IKEv2 has now seen wide deployment and provides > a full replacement for all > IKEv1 functionality." , I think there is one feature IKEv2 hasn't provided > equivalent yet is group key > management. Of course, I don't think it is a show stopper, just there should > be some clarification on this
The Group Key Management for IKEv2 is on the new ipsecme charter and there is even a candidate document for it: draft-yeung-g-ikev2. Regards, Valery. > -----Original Message----- > From: IPsec <[email protected]> On Behalf Of Paul Wouters > Sent: Monday, March 11, 2019 11:39 AM > To: [email protected] WG <[email protected]> > Subject: [IPsec] Fwd: New Version Notification for > draft-pwouters-ikev1-ipsec-graveyard-00.txt > > > As we discussed on the list and in Bangkok, we were going to submit a > document to deprecrate IKEv1 and > various old skool algorithms using a [DEPRECATED] column in the IANA registry. > > I wrote a first draft to do this... > > Paul > > ---------- Forwarded message --------- > From: <[email protected]> > Date: Mon, Mar 11, 2019 at 2:35 PM > Subject: New Version Notification for > draft-pwouters-ikev1-ipsec-graveyard-00.txt > To: Paul Wouters <[email protected]> > > > > A new version of I-D, draft-pwouters-ikev1-ipsec-graveyard-00.txt > has been successfully submitted by Paul Wouters and posted to the IETF > repository. > > Name: draft-pwouters-ikev1-ipsec-graveyard > Revision: 00 > Title: Deprecation of IKEv1 and obsoleted algorithms Document date: > 2019-03-11 > Group: Individual Submission > Pages: 6 > URL: > https://www.ietf.org/internet-drafts/draft-pwouters-ikev1-ipsec-graveyard-00.txt > Status: > https://datatracker.ietf.org/doc/draft-pwouters-ikev1-ipsec-graveyard/ > Htmlized: > https://tools.ietf.org/html/draft-pwouters-ikev1-ipsec-graveyard-00 > Htmlized: > https://datatracker.ietf.org/doc/html/draft-pwouters-ikev1-ipsec-graveyard > > > Abstract: > This document deprecates Internet Key Exchange version 1 (IKEv1) and > additionally deprecates a number of algorithms that are obsolete. > > > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and > diff are available at tools.ietf.org. > > The IETF Secretariat > > > _______________________________________________ > IPsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ipsec > _______________________________________________ > IPsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
