Re: [IPsec] IPsec maintenance/extensions WG, summary so far
Jari Arkko <jari.arkko@piuha.net> Wed, 07 May 2008 12:20 UTC
Return-Path: <ipsec-bounces@ietf.org>
X-Original-To: ipsec-archive@megatron.ietf.org
Delivered-To: ietfarch-ipsec-archive@core3.amsl.com
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 337EE3A7148; Wed, 7 May 2008 05:20:34 -0700 (PDT)
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 19C333A7148 for <ipsec@core3.amsl.com>; Wed, 7 May 2008 05:20:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.203
X-Spam-Level:
X-Spam-Status: No, score=-2.203 tagged_above=-999 required=5 tests=[AWL=0.396, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oMcDMeW2KVT0 for <ipsec@core3.amsl.com>; Wed, 7 May 2008 05:20:31 -0700 (PDT)
Received: from smtp.piuha.net (p130.piuha.net [IPv6:2001:14b8:400::130]) by core3.amsl.com (Postfix) with ESMTP id 33FFF3A69D5 for <ipsec@ietf.org>; Wed, 7 May 2008 05:20:31 -0700 (PDT)
Received: from smtp.piuha.net (localhost [127.0.0.1]) by smtp.piuha.net (Postfix) with ESMTP id 73B69198803; Wed, 7 May 2008 15:20:27 +0300 (EEST)
Received: from [127.0.0.1] (unknown [IPv6:2001:14b8:400::130]) by smtp.piuha.net (Postfix) with ESMTP id 390A0198713; Wed, 7 May 2008 15:20:23 +0300 (EEST)
Message-ID: <48219E8D.7090001@piuha.net>
Date: Wed, 07 May 2008 14:20:29 +0200
From: Jari Arkko <jari.arkko@piuha.net>
User-Agent: Thunderbird 1.5.0.14ubu (X11/20080306)
MIME-Version: 1.0
To: Pasi.Eronen@nokia.com
References: <1696498986EFEC4D9153717DA325CB728D5AF2@vaebe104.NOE.Nokia.com>
In-Reply-To: <1696498986EFEC4D9153717DA325CB728D5AF2@vaebe104.NOE.Nokia.com>
X-Virus-Scanned: ClamAV using ClamSMTP
Cc: ipsec@ietf.org
Subject: Re: [IPsec] IPsec maintenance/extensions WG, summary so far
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ipsec-bounces@ietf.org
Errors-To: ipsec-bounces@ietf.org
Pasi, The ones that I actually personally care about: > [R] o Update to IKEv2 base specification (possible starting point: > draft-hoffman-ikev2bis) > > [CR] o Better IPv6 configuration payloads (possible starting point: > draft-eronen-ipsec-ikev2-ipv6-config) > > [R] o Guidelines for Mandating the Use of IPsec, for RFC430x IPsec > (possible starting point: draft-bellovin-useipsec) > The following were also mildly interesting, I wouldn't mind if the WG did them: > o IPsec document roadmap update (possible starting point: RFC 2411) > > o Using AEAD algorithms in IKEv2 (possible starting point: > draft-black-ipsec-ikev2-aead-modes) > > o Redirecting a VPN client from one gateway to another > (in a cluster of gateways) > > o IPsec "secure beacon", or detecting whether you need VPN or > not (possible starting point: draft-sheffer-ipsec-secure-beacon) > > o Detecting crashed peers faster (possible starting point: > draft-nir-ike-qcd) > > o IKEv2 session resumption / optimizing IKEv2 handshake when > connecting again to same peer/cluster of peers (possible > starting point: draft-sheffer-ipsec-failover) > > o Authentication-only IPsec that simplifies packet inspection > (possible starting points: draft-hoffman-esp-null-protocol, > draft-grewal-ipsec-traffic-visibility) > > o Using GRE "key" header field as IPsec traffic selector (possible > starting point: draft-ma-softwire-ipsec-gre-demultiplexing-ps) > > o Authentication with Cryptographically Generated Addresses (CGA) > (possible starting point: draft-laganier-ike-ipv6-cga) > > o Setting up GRE tunnels with IKE (possible starting point: > draft-wu-l3vpn-ipsec-gre-00) > Then again, much of the above is extensions, rather than fixing bugs & revising brokenness. The latter should have priority. Is IKEv2 the only thing that has issues in that regard? Jari _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
- [IPsec] IPsec maintenance/extensions WG, summary … Pasi.Eronen
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Arnaud Ebalard
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Jari Arkko
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Dan Harkins
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Charlie Kaufman
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Vijay Devarapallli
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Vijay Devarapallli
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Nicolas Williams
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Dan McDonald
- Re: [IPsec] IPsec maintenance/extensions WG, summ… fan zhao
- Re: [IPsec] IPsec maintenance/extensions WG, summ… fan zhao
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Suresh Krishnan
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Lakshminath Dondeti
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Ana Kukec
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Hui Deng
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Andreas Steffen
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Kumar, Sunil
- Re: [IPsec] IPsec maintenance/extensions WG, summ… ma yc
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Grewal, Ken
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Yoav Nir
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Yoav Nir
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Yaron Sheffer
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Yoav Nir
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Yoav Nir
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Richard Barnes
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Yoav Nir
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Nicolas Williams
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Cheryl Madson
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Nicolas Williams
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Yingzhe Wu
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Yoav Nir
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Yoav Nir
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Pasi.Eronen
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Pasi.Eronen
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Pasi.Eronen
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Pasi.Eronen
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Pasi.Eronen
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Pasi.Eronen@nokia.com
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Richard Barnes
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Yoav Nir
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Hui Deng
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Nicolas Williams
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Nicolas Williams
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Jean-Michel Combes
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Pasi.Eronen
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Joy Latten
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Julien Laganier
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Julien Laganier
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Peng Yang
- Re: [IPsec] IPsec maintenance/extensions WG, summ… Peng Yang