Re: [IPsec] Charter update

Sean Turner <TurnerS@ieca.com> Mon, 28 July 2014 15:16 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/ipsec/UM3t4ZbHMbTGyuODFs2InHe63ZQ

On Jul 19, 2014, at 12:48, Yaron Sheffer <yaronf.ietf@gmail.com> wrote:

> IPsec folks,
> 
> Our existing charter (http://tools.ietf.org/wg/ipsecme/charters) is badly out of date. Below is a proposed charter revision. Please review and comment on the list. We might also discuss the new charter in the face-to-face next week.

I don’t think a revised charter is needed to strike the references to ADVPN as well as extend the window to adopt new wg items by six more months.  There’s an existing time-out in the charter (January 2015) and if nothing is adopted by the existing time-out I think the WG should close - assuming of course all of the existing drafts have been published as RFCs.  

Obviously, if the wg is closed the mailing list should remain open to provide a place for the community to discuss ipsec-related issues and a place for ADs to ask about AD-sponsored drafts.

If a re-charter does proceed, two things:

1) I can see extending the time-out if you’re adding new work items during this recharter, not if you’re removing references to work items. I’d suggest that January 2015 remain as the time-out date.

2) I’d tweak the following a bit to lead more with the current state of affairs:

OLD:

>    The current work items include:
>   
>    Recently discovered incorrect behavior of ISPs poses a
>    challenge to IKE, whose UDP messages (especially #3 and #4)
>    sometimes get fragmented at the IP level and then dropped
>    by these ISPs. There is interest in solving this issue by
>    allowing transport of IKE over TCP; this is currently
>    implemented by some vendors. The group will standardize such
>    a solution.
>   
>    The WG will review and revise the list of mandatory-to-
>    implement algorithms for ESP and AH based on five years of experience 
>    with newer algorithms and cryptographic modes.
>   
>    The WG will revise the IKEv2 specification with a small number
>    of mandatory tests required for the secure operation of IKEv2
>    when using elliptic curve cryptography. This work will be based
>    on draft-sheffer-ipsecme-dh-checks.
> 
>    IKEv2 has had many interoperable implementations and can now be considered
>    a mature protocol. The WG will republish the protocol as an Internet Standard.
> 
>    At the time of writing, all the above are in late stages of the IETF process.
>    Therefore, the WG will go into low-power mode: it will remain active as a focal point
>    for the IPsec community. But it will only take on new work items if a strong community
>    interest can be seen.
> 
>    This charter will expire in July 2015 (12 months from approval).
>    If the charter is not updated before that time, the WG will be
>    closed and any remaining documents revert back to individual
>    Internet-Drafts.

NEW:

The WG has progressed the following documents to the IESG for publication and will remain open until these drafts are published as RFCs or this charter is revised to add new work items:

  draft-ietf-ipsecme-esp-ah-reqts: Revises the list of
  mandatory-to-implement algorithms for ESP and AH
  based on five years of experience with newer
  algorithms and cryptographic modes.

  draft-ietf-ipsecme-ikev2-fragmentation: Performs
  fragmentation of large messages by IKEv2 itself,
  replacing them by a series of smaller messages.

  draft-kivinen-ipsecme-ikev2-rfc5996bis: Republishes
  the protocol as an Internet Standard because the
  protocol is now a mature protocol.

  draft-kivinen-ipsecme-signature-auth: Revises the
  IKEv2 specification with a small number of mandatory
  tests required for the secure operation of IKEv2 when
  using elliptic curve cryptography.

This charter expires in January 2015. If the charter is not updated before that time to add new WG items, the WG will be closed. New work items will be adopted only if strong community support can be demonstrated. In the event of closure, the WG will request that the mailing list remain open to act as a focal point for the IPsec community.

spt