Re: [IPsec] Charter update

[[ Another nudge to keep this thread going. If you care about the charter, please comment. ]]

On Jul 19, 2014, at 9:48 AM, Yaron Sheffer <yaronf.ietf@gmail.com> wrote:

> IPsec folks,
> 
> Our existing charter (http://tools.ietf.org/wg/ipsecme/charters) is badly out of date. Below is a proposed charter revision. Please review and comment on the list. We might also discuss the new charter in the face-to-face next week.
> 
> Thanks,
>     Paul and Yaron
> 
> 
> IP Security Maintenance and Extensions (ipsecme)
> ------------------------------------------------
> 
>  Charter
> 
>  Current Status: Active
> 
>  Chairs:
>      Paul E. Hoffman <paul.hoffman@vpnc.org>
>      Yaron Sheffer <yaronf.ietf@gmail.com>
> 
>  Security Area Directors:
>      Stephen Farrell <stephen.farrell@cs.tcd.ie>
>      Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
> 
>  Security Area Advisor:
>      Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
> 
>  Mailing Lists:
>      General Discussion: ipsec@ietf.org
>      To Subscribe:       https://www.ietf.org/mailman/listinfo/ipsec
>      Archive:            http://www.ietf.org/mail-archive/web/ipsec/
> 
> Description of Working Group:
> 
>    The IPsec suite of protocols includes IKEv1 (RFC 2409
>    and associated RFCs), IKEv2 (RFC 5996), and the IPsec
>    security architecture (RFC 4301). IPsec is widely
>    deployed in VPN gateways, VPN remote access clients,
>    and as a substrate for host-to-host, host-to-network,
>    and network-to-network security.
>   
>    The IPsec Maintenance and Extensions Working Group
>    continues the work of the earlier IPsec Working Group
>    which was concluded in 2005. Its purpose is to maintain
>    the IPsec standard and to facilitate discussion of
>    clarifications, improvements, and extensions to IPsec,
>    mostly to IKEv2. The working group also serves as a
>    focus point for other IETF Working Groups who use IPsec
>    in their own protocols.
>   
>    The current work items include:
>   
>    Recently discovered incorrect behavior of ISPs poses a
>    challenge to IKE, whose UDP messages (especially #3 and #4)
>    sometimes get fragmented at the IP level and then dropped
>    by these ISPs. There is interest in solving this issue by
>    allowing transport of IKE over TCP; this is currently
>    implemented by some vendors. The group will standardize such
>    a solution.
>   
>    The WG will review and revise the list of mandatory-to-
>    implement algorithms for ESP and AH based on five years of experience 
>    with newer algorithms and cryptographic modes.
>   
>    The WG will revise the IKEv2 specification with a small number
>    of mandatory tests required for the secure operation of IKEv2
>    when using elliptic curve cryptography. This work will be based
>    on draft-sheffer-ipsecme-dh-checks.
> 
>    IKEv2 has had many interoperable implementations and can now be considered
>    a mature protocol. The WG will republish the protocol as an Internet Standard.
> 
>    At the time of writing, all the above are in late stages of the IETF process.
>    Therefore, the WG will go into low-power mode: it will remain active as a focal point
>    for the IPsec community. But it will only take on new work items if a strong community
>    interest can be seen.
> 
>    This charter will expire in July 2015 (12 months from approval).
>    If the charter is not updated before that time, the WG will be
>    closed and any remaining documents revert back to individual
>    Internet-Drafts.
>   
> 
> Goals and Milestones:
> 
>   Done - IETF Last Call on large scale VPN use cases and requirements
>   Done - IETF last call on IKE fragmentation solution
>   Done - IETF last call on new mandatory-to-implement algorithms
> 
>   [No current milestones]
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec