[IPsec] IPsecME virtual meeting minutes, and way forward with fragmentation

Yaron Sheffer <yaronf.ietf@gmail.com> Thu, 16 May 2013 16:57 UTC

Hi,

As promised, we just had a virtual interim meeting to discuss IKEv2 
fragmentation. Please see the minutes below (thanks Paul!).

Following up on this meeting, we would like to confirm the decision on 
the mailing list:

- The group still thinks this is an important problem that needs an 
interoperable solution.
- We would like to abandon the work on IKE-over-TCP.
- And to work on IKEv2 protocol-level fragmentation, using 
draft-smyslov-ipsecme-ikev2-fragmentation as a starting point.

Please send your approval, disapproval or comments to the list within a 
week (until May 23).

Thanks,
	Yaron


-------- Original Message --------
Subject: Proposed minutes for today

IPsecME WG
Virtual Interim Meeting, 2013-05-16
Minutes taken by Paul Hoffman

Yaron gave introduction
	Introduction superfluous
	We have little energy
	Maybe the draft should be individual draft with discussion on the list

Valery: is OK with this being Individual Submission
	Yoav: wants it to be a WG document
		Cisco has its own running code that is non-interoperable
	Brian: Cisco would have to do the eventual result anyway
	Yoav: Cisco is more likely to implement if they were part of the discussion

Yaron wonders if this is a problem that needs to be resolved
	Yoav: yes, and would rather work with an RFC
	Tero: the problem is still there, but it just won't be TCP
		The WG needs to have implementers' reviews at the start

Yaron: do we want to stay with the current TCP-based solution?
	Brian: might be running on sensors that don't have a TCP stack
	Yoav: even he won't implement it

Yaron: is Valery's draft better than several non-standard implementations of what IKEv1 did?
	Yoav: just copying what IKEv1 did is probably wrong; doesn't know
	Valery: they implemented for IKEv1 based on Microsoft's implementation
		If we introduce negotiation in IKEv2, it won't be exactly the same
		The implementation will be different, but similar
	Brian: it looks very similar but using a Notify for signaling, which is an advantage

Next steps:
	Ask the WG
		Abandon IKE TCP
		Adopt Valery's draft


Blue sheet:
	Brian Weis
	Daniel Migault
	Paul Hoffman
	Tero Kivinen
	Valery Smyslov
	Yaron Sheffer
	Yoav Nir