WG Action: Rechartered IP Security Maintenance and Extensions (ipsecme)
The IESG <iesg-secretary@ietf.org> Thu, 06 February 2025 20:48 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from mail.ietf.org (ietfa.amsl.com [50.223.129.194]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPSA id 75C85C14F605; Thu, 6 Feb 2025 12:48:13 -0800 (PST)
Received: from [10.244.8.212] (unknown [104.131.183.230]) by ietfa.amsl.com (Postfix) with ESMTP id 0DB9DC14F68D; Thu, 6 Feb 2025 12:48:12 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: WG Action: Rechartered IP Security Maintenance and Extensions (ipsecme)
X-Test-IDTracker: no
X-IETF-IDTracker: 12.35.0
Auto-Submitted: auto-generated
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <173887489272.508.18285368444083590449@dt-datatracker-75c44cbbdf-pxnd6>
Date: Thu, 06 Feb 2025 12:48:12 -0800
Message-ID-Hash: YRWDTILUJRHFEP4AQAM7G6KPHRN64DWD
X-Message-ID-Hash: YRWDTILUJRHFEP4AQAM7G6KPHRN64DWD
X-MailFrom: iesg-secretary@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ietf-announce.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The IESG <iesg@ietf.org>, ipsec@ietf.org, ipsecme-chairs@ietf.org, ipsecme-chairs@tools.ietf.org
X-Mailman-Version: 3.3.9rc6
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/GZGxpMtoNokofi2SlRXuRaq7uN4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Owner: <mailto:ietf-announce-owner@ietf.org>
List-Post: <mailto:ietf-announce@ietf.org>
List-Subscribe: <mailto:ietf-announce-join@ietf.org>
List-Unsubscribe: <mailto:ietf-announce-leave@ietf.org>
The IP Security Maintenance and Extensions (ipsecme) WG in the Security Area of the IETF has been rechartered. For additional information, please contact the Area Directors or the WG Chairs. IP Security Maintenance and Extensions (ipsecme) ----------------------------------------------------------------------- Current status: Active WG Chairs: Yoav Nir <ynir.ietf@gmail.com> Tero Kivinen <kivinen@iki.fi> Assigned Area Director: Deb Cooley <debcooley1@gmail.com> Security Area Directors: Paul Wouters <paul.wouters@aiven.io> Deb Cooley <debcooley1@gmail.com> Mailing list: Address: ipsec@ietf.org To subscribe: https://www.ietf.org/mailman/listinfo/ipsec Archive: https://mailarchive.ietf.org/arch/browse/ipsec/ Group page: https://datatracker.ietf.org/group/ipsecme/ Charter: https://datatracker.ietf.org/doc/charter-ietf-ipsecme/ The IPsec suite of protocols includes IKEv2 (STD 79 and associated RFCs), the IPsec security architecture (RFC 4301), AH (RFC 4302), and ESP (RFC 4303). It also includes the now obsoleted IKEv1 (RFC 2409 and associated RFCs). IPsec is widely deployed in VPN gateways, VPN remote access, and as a substrate for host-to-host, host-to-network, and network-to-network security. The IPsec Maintenance and Extensions Working Group continues the work of the earlier IPsec Working Group which was concluded in 2005. Its purpose is to maintain the IPsec standard and to facilitate discussion of clarifications, improvements, and extensions to IPsec, mostly to ESP and IKEv2. The working group also serves as a focus point for other IETF Working Groups who use IPsec in their own protocols. The current work items include: Post-quantum Cryptography (PQC) brings new authentication and key establishment methods. The working group will develop support for using PQC algorithms. The solution will allow post quantum authentication methods to be performed on their own or along with the existing authentication methods. This work item may also include solutions for transport issues because of larger payload and message sizes. The cryptographic algorithm implementation requirements and usage guidance documents for IKEv2, ESP, and AH were updated last in 2017. The working group will update these documents. This may also include defining how to use additional algorithms for IPsec in separate documents (for example sha3, and PQC). There is a need for tools that make it easier to debug IPsec configurations. The working group will work on documents to help that. One such tool could be the esp-ping protocol. The ESPv3 protocol was defined in 2005 and there may be a need to make enhancements to it. The working group will analyze the possible problems and work on solving them. This may include updating ESP, AH, and/or Wrapped ESP (WESP) standards, or result in a new security protocol. Milestones: Mar 2025 - Submit IPsec ping draft(s) to IESG Jun 2025 - Submit PQC authentication support draft to IESG Nov 2025 - Submit updated implementation requirements draft to IESG Nov 2025 - Submit enhanced ESP protocol to IESG