Re: [IPsec] WG Adoption calls for draft-mglt-ipsecme-diet-esp and draft-mglt-ipsecme-ikev2-diet-esp-extension
Daniel Migault <mglt.ietf@gmail.com> Mon, 11 December 2023 16:17 UTC
Return-Path: <mglt.ietf@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C16EC14CF17; Mon, 11 Dec 2023 08:17:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HYNg8WBwqpe0; Mon, 11 Dec 2023 08:17:15 -0800 (PST)
Received: from mail-yb1-xb36.google.com (mail-yb1-xb36.google.com [IPv6:2607:f8b0:4864:20::b36]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 80ACBC14CF13; Mon, 11 Dec 2023 08:17:15 -0800 (PST)
Received: by mail-yb1-xb36.google.com with SMTP id 3f1490d57ef6-dbcaf854e5bso379844276.0; Mon, 11 Dec 2023 08:17:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1702311434; x=1702916234; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=XPYv7VbQCuK5WWm9Tyhs0VJncYeSPknn1SCGbd8Vl5s=; b=gBn6/Q7Gc4BEpOWS7Y/37ajxTWI1uEZ7dpDPI2Clz5GrJVRQmJBsAf2wNVka8GWwxg FxFtaoXWm3QH/Svc9O52k/0IeBqkUWSxVr3mlKcHGThlXq8ULiorEEDP0xRCgOJP0ylB PC1kbNSsObaFH+aeCkEdbaB4K3kjMbiohVslP0cVdIuuZgEcctaX33pK6Bk62uhRxCE/ Grb8GwyIizOgVh4WLyQrzWHm4O7G3Vh0VgaIhfSogkokDX6+5ABaXQV8xMJLHgWpCnFd MNAorsxOjg0o6BjId/6inANMHyI6TJKgr7dBvyLDCxfxa2DZJXxWxZLxLtHFrDjIJBVI EWGg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1702311434; x=1702916234; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=XPYv7VbQCuK5WWm9Tyhs0VJncYeSPknn1SCGbd8Vl5s=; b=GFIrwWNZAFi7se62SDfJGtoCErFQF0WX64RMHbzPdwUvidjkUerU6lwzd+znIhgC5R RsMJhpeA7e+7gxHgUJ8q2ISy73f/yetlYV9FQzCVBob16mSugOAX5gpCrOJ5R/dIBr7L 3GxIhv6wIStOx5XrW7jmPhFNAVaqoLatsx1MbOMtYinJhV+8Rr46Jlzkdy1oldMtSEpa xd5nve7UySk9QLqk1QbEqHFTGF2nIXtS2N1doMzLA8cycIl0PbUpZAEZcHeEkuotvnSj CPFPsl00worToNC226YALb6bU1qQ9uFnTsLzLHl5NEv18zJ+Th8VFR1p/UVwBK4gBb8A MuNQ==
X-Gm-Message-State: AOJu0YwzHcI32cIIQ7gYKmTjCR1Zhpk5KZu30pfSs7jVYPpOLFNJCvuC G7c6Tsj2/wx+DqwnTMgH+nbSTj+r7sO4FTc0rmk=
X-Google-Smtp-Source: AGHT+IH2xfT5Ba0UZm3QxvOq1ETDZu5RGxjpbFmHVVrlxpLx3j/JXKiIRK3xz3I/Q0AdEJizuSCVql8V0uMrNiiLPJU=
X-Received: by 2002:a5b:783:0:b0:db5:449c:5ebf with SMTP id b3-20020a5b0783000000b00db5449c5ebfmr2764628ybq.38.1702311434304; Mon, 11 Dec 2023 08:17:14 -0800 (PST)
MIME-Version: 1.0
References: <CADZyTk=j=Wsd9CeS3LY3cH6AgD+A0e3uRftFRX7C2+d+7vBUhw@mail.gmail.com> <E4844AAF-7081-4967-87C2-CF3D4D267038@nohats.ca>
In-Reply-To: <E4844AAF-7081-4967-87C2-CF3D4D267038@nohats.ca>
From: Daniel Migault <mglt.ietf@gmail.com>
Date: Mon, 11 Dec 2023 11:17:03 -0500
Message-ID: <CADZyTkmvgOzrdB5ZrKZ0ZwjPr3n+qRqZQh+goBQSLaBNe9mEwg@mail.gmail.com>
To: Paul Wouters <paul@nohats.ca>
Cc: Hannes Tschofenig <hannes.tschofenig=40gmx.net@dmarc.ietf.org>, Carsten Bormann <cabo@tzi.org>, Tero Kivinen <kivinen@iki.fi>, ipsec@ietf.org, schc@ietf.org
Content-Type: multipart/alternative; boundary="00000000000056c06c060c3e4474"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/8e3ZFbq6OjWv2uEetuEYb03DtlM>
Subject: Re: [IPsec] WG Adoption calls for draft-mglt-ipsecme-diet-esp and draft-mglt-ipsecme-ikev2-diet-esp-extension
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Dec 2023 16:17:17 -0000
Hi Paul, Please find my comments inline. Yours, Daniel On Mon, Dec 11, 2023 at 9:59 AM Paul Wouters <paul@nohats.ca> wrote: > > > > > On Dec 11, 2023, at 08:53, Daniel Migault <mglt.ietf@gmail.com> wrote: > > > > > > What is not completely clear to me now is how we will be able to > have/make public implementations for linux implementation and potentially > *Swan projects. It is a bit too early for now, but I am hoping to have a > path in the next coming months. > > For libreswan to consider this, there would have to be ESP support (or > plans) by maintainers of IPsec in Linux and/or BSD. > One thing is that we have implementations, another is that these implementations are public and the other thing is that it is supported by libreswan / Linux. As I mentioned earlier, I am hoping the publication of a Linux implementation can be clarified in the next coming months. It sounds though realistic to me that a Linux implementation be published. I see support from the SCHC crowd, but haven’t seen the same from the IPsec > crowd. I’m also myself still a bit unsure who would actually deploy this > outside proof of concept scenarios. > I am personally active on these drafts because we have a deployment perspective. The PoC phase is over for many years now and I can see a number of vendors we are willing to interconnect with. We would also want to look at using an scsh library (GPL compatible) as we > wouldn’t want to re-implement what seems like a very complicated high cpu > load parser. > > It is unclear to me who "We" is. However, assuming scsh stands for schc, and as I tried to mention a few minutes ago, we rely on SCHC for the specification. Implementations do not have to (see our old implementations for example). So, whoever is behind "We" does not have to necessarily re-implement or rely on a GPL SCHC library. Regarding compression / decompression I do see SCHC as pretty efficient especially because of the use of static context, so I am wondering 1) why "We" seesthis as "a very complicated high cpu load parser" and 2) what compression/decompression alternative "We" would find more efficient. > Paul > > > -- Daniel Migault Ericsson
- [IPsec] WG Adoption call for draft-mglt-ipsecme-d… Tero Kivinen
- Re: [IPsec] WG Adoption call for draft-mglt-ipsec… Daniel Migault
- Re: [IPsec] WG Adoption call for draft-mglt-ipsec… Edgar Ramos
- Re: [IPsec] [Schc] WG Adoption call for draft-mgl… Alexander PELOV
- Re: [IPsec] [Schc] WG Adoption call for draft-mgl… Laurent Toutain
- Re: [IPsec] [Schc] WG Adoption call for draft-mgl… Carles Gomez Montenegro
- Re: [IPsec] [Schc] WG Adoption call for draft-mgl… Ana Minaburo
- Re: [IPsec] [Schc] WG Adoption call for draft-mgl… Ivan Martinez Bolivar (Nokia)
- Re: [IPsec] WG Adoption calls for draft-mglt-ipse… Carsten Bormann
- Re: [IPsec] [Schc] WG Adoption call for draft-mgl… Harold Liu
- Re: [IPsec] WG Adoption call for draft-mglt-ipsec… William Atwood
- Re: [IPsec] WG Adoption call for draft-mglt-ipsec… David Schinazi
- Re: [IPsec] WG Adoption calls for draft-mglt-ipse… Hannes Tschofenig
- Re: [IPsec] WG Adoption call for draft-mglt-ipsec… Tommy Pauly
- Re: [IPsec] WG Adoption calls for draft-mglt-ipse… Daniel Migault
- Re: [IPsec] WG Adoption calls for draft-mglt-ipse… Daniel Migault
- Re: [IPsec] WG Adoption calls for draft-mglt-ipse… Hannes Tschofenig
- Re: [IPsec] [Schc] WG Adoption calls for draft-mg… Carsten Bormann
- Re: [IPsec] [Schc] WG Adoption calls for draft-mg… Eric Vyncke (evyncke)
- Re: [IPsec] WG Adoption calls for draft-mglt-ipse… Daniel Migault
- Re: [IPsec] [Schc] WG Adoption call for draft-mgl… Sandra Cespedes
- Re: [IPsec] WG Adoption calls for draft-mglt-ipse… Paul Wouters
- Re: [IPsec] WG Adoption calls for draft-mglt-ipse… Paul Wouters
- Re: [IPsec] WG Adoption calls for draft-mglt-ipse… hannes.tschofenig
- Re: [IPsec] [Schc] WG Adoption calls for draft-mg… hannes.tschofenig
- Re: [IPsec] WG Adoption calls for draft-mglt-ipse… hannes.tschofenig
- Re: [IPsec] WG Adoption calls for draft-mglt-ipse… Daniel Migault
- Re: [IPsec] WG Adoption calls for draft-mglt-ipse… Hannes Tschofenig
- Re: [IPsec] WG Adoption calls for draft-mglt-ipse… Daniel Migault
- Re: [IPsec] WG Adoption calls for draft-mglt-ipse… Daniel Migault
- Re: [IPsec] WG Adoption calls for draft-mglt-ipse… Hannes Tschofenig