Re: [Idr] Issue 1: IPSEC related drafts

Paul Wouters <paul@nohats.ca> Tue, 11 June 2019 20:07 UTC

Date: Tue, 11 Jun 2019 16:06:59 -0400
From: Paul Wouters <paul@nohats.ca>
To: "Hu, Jun (Nokia - US/Mountain View)" <jun.hu@nokia.com>
cc: Linda Dunbar <ldunbar@futurewei.com>, Susan Hares <shares@ndzh.com>, "idr@ietf.org" <idr@ietf.org>, "bess@ietf.org" <bess@ietf.org>, Yoav Nir <ynir.ietf@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/QKPmJP1AZ8a-Z7m3xJhl19THWUk>

On Tue, 11 Jun 2019, Hu, Jun (Nokia - US/Mountain View) wrote:

I'll be at IETF105, so as long as there is no conflict I can attend a
meeting, whether WG or side meeting. I'll have to read up on some of
these documents though to ensure I understand the items for discussion.

Paul

> From: Idr <idr-bounces@ietf.org> On Behalf Of Susan Hares
> Sent: Monday, June 10, 2019 2:14 PM
> To: idr@ietf.org; bess@ietf.org
> Subject: [Idr] Issue 1: IPSEC related drafts
>
> Greetings:
>
> At IETF 104, we consider BGP VPNs supporting asking for TLVS in draft-ietf-idr-tunnel-encaps. After hearing all the discussion, the BESS, IDR and
> I2RS WG chairs discussed what to do with the following
>
> Drafts considered:
>
>  *  draft-sajassi-bess-secure-evpn-01.txt,
>  *  draft-hujun-idr-bgp-ipsec-00.txt,
>  *  draft-dunbar-idr-sdwan-port-safi-01.txt
> 
> Related drafts / supporting drafts:
>
>  *  draft-carrell-ipsecme-controller-ike-00.txt
>  *  draft-ietf-i2nsf-sdn-ipsec-flow-protection-04.txt
>  *  draft-ietf-idr-tunnel-encaps-12.txt
> 
> Basic topologies:
>
>                        Ipsec tunnels
>      [rtrA] -------------------- [rtrB]
>          |     \                           /      |
>          |       \ -- RR1 -------/     | ipsec tunnels
>          |    / -----| |------\         |
>      [rtrC]------------------- [rtrD]
>
> The decision is that
>
>  *  TLVs mechanisms for new TLVS related draft-ietf-idr-tunnel-encaps should be moved to drafts with just the mechanisms. 
>      +  All three mechanisms could be included in the TLVs or portions.
>      +  The use case and the SA mechanisms can stay in BESS or IDR (depending on what is appropriate).
>  *  The RTG Chairs are not experts on Security associations, so that we will try to schedule a unique session at IETF 105 where security experts can
>     help the RTG chairs (BESS, IDR) review the Security association mechanisms. 
>      +  We’d love to have the second co-chair of I2NSF (Yoav NIR) and someone from IPSECME.
>      +  We’ll invite IPSEC experts.
>      +  We encourage the authors of the 3 drafts to attend this session in IETF 105 and present their security-association mechanisms.
>  *  The NLRI/SAFI in draft-dunbar-idr-sdwan-port-safi is unique and can be requested as IDR or ISE draft.
> 
> This email has two requests:
>
>  *  WG or authors please send any questions to Susan Hares,
>  *  The IDR WG is encouraged to discuss requirements or needs in preparation for the TLV selection, and
>  *  Please help me secure 2 IPSEC experts to attend this session.
>
> Susan Hares