WG Action: Rechartered IP Security Maintenance and Extensions (ipsecme)

The IESG <iesg-secretary@ietf.org> Fri, 09 January 2015 17:42 UTC

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: WG Action: Rechartered IP Security Maintenance and Extensions (ipsecme)
Date: Fri, 09 Jan 2015 09:42:00 -0800
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-announce/xkfaMUhEbI1bJojNxQ8ltz1GE-c>
Cc: ipsecme WG <ipsec@ietf.org>

The IP Security Maintenance and Extensions (ipsecme) working group in the
Security Area of the IETF has been rechartered. For additional
information please contact the Area Directors or the WG Chairs.

IP Security Maintenance and Extensions (ipsecme)
------------------------------------------------
Current Status: Active WG

Chairs:
  Paul Hoffman <paul.hoffman@vpnc.org>
  Yaron Sheffer <yaronf.ietf@gmail.com>

Assigned Area Director:
  Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>

Mailing list
  Address: ipsec@ietf.org
  To Subscribe: https://www.ietf.org/mailman/listinfo/ipsec
  Archive: http://www.ietf.org/mail-archive/web/ipsec/

Charter:

The IPsec suite of protocols includes IKEv1 (RFC 2409 and associated
RFCs), IKEv2 (RFC 7296), and the IPsec security architecture (RFC 4301).
IPsec is widely deployed in VPN gateways, VPN remote access clients, and
as a substrate for host-to-host, host-to-network, and network-to-network
security.

The IPsec Maintenance and Extensions Working Group continues the work of
the earlier IPsec Working Group which was concluded in 2005. Its purpose
is to maintain the IPsec standard and to facilitate discussion of
clarifications, improvements, and extensions to IPsec, mostly to IKEv2.
The working group also serves as a focus point for other IETF Working
Groups who use IPsec in their own protocols.

The current work items include:

IKEv2 contains the cookie mechanism to protect against denial of service
attacks. However, this mechanism cannot protect an IKE end-point
(typically, a large gateway) from "distributed denial of service", a
coordinated attack by a large number of "bots". The working group will
analyze the problem and propose a solution, by offering best practices
and potentially by extending the protocol.

There is interest in adapting the IKE protocol for opportunistic use
cases, by allowing one or both endpoints of the exchange to remain
unauthenticated. The group will extend the protocol to support these use
cases.

This charter will expire in December 2015 (a year from approval). If the
charter is not updated before that time, the WG will be closed and any
remaining documents revert back to individual Internet-Drafts.


Milestones:
  Done     - IETF Last Call on large scale VPN use cases and requirements
  Done     - IETF Last Call on IKE fragmentation solution
  Done     - IETF Last Call on new mandatory-to-implement algorithms
  Aug 2015 - IETF Last Call on DDoS protection
  Dec 2015 - IETF Last Call on null authentication