Re: [IPsec] Charter update

Daniel Migault <mglt.ietf@gmail.com> Mon, 21 July 2014 18:31 UTC

In-Reply-To: <53CAD2D5.6070907@gmail.com>
References: <53CAA14C.80301@gmail.com> <alpine.LFD.2.10.1407191539350.22651@bofh.nohats.ca> <53CACDD6.1090707@gmail.com> <alpine.LFD.2.10.1407191608180.22651@bofh.nohats.ca> <53CAD2D5.6070907@gmail.com>
Date: Mon, 21 Jul 2014 20:31:52 +0200
Message-ID: <CADZyTknj5PcTWTRcBSk8HHNaq_98hwzB9jZz3sVjQXy1ej4O2w@mail.gmail.com>
From: Daniel Migault <mglt.ietf@gmail.com>
To: Yaron Sheffer <yaronf.ietf@gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/ipsec/yrNdzIxoVeKwkt1ohiR2skFygHw
Cc: IPsecME WG <ipsec@ietf.org>, Paul Wouters <paul@nohats.ca>
Subject: Re: [IPsec] Charter update

Hi,

If that is appropriate, I would like to see the following items on the
charter:
    - 1) multiple interfaces, that is, describing how to optimize the IPsec
settings between two hosts when at least one of the hosts has more than one
interface.
    - 2) beet mode, that is, defining a new mode so the overhead of the IPsec
Payload can be reduced,
    - 3) IPsec contexts, that is, documenting the parameters that are
exchanged between two Security Gateways in order to manage clusters of VPN
Security Gateways.
    - 4) Extending MOBIKE to transport mode.
    - 5) Finally, I think there might be some work in order to enable IPsec
for IoT, especially designing IKEv2 extensions or looking at defining a
mode or a way to send ESP payload without carrying the IV.


BR,
Daniel



On Sat, Jul 19, 2014 at 10:19 PM, Yaron Sheffer <yaronf.ietf@gmail.com>
wrote:

>
>> You are revising the decision NOT to have IKE TCP:
>>
>>      "There is interest in solving this issue by
>>       allowing transport of IKE over TCP; this is currently
>>       implemented by some vendors. The group will standardize such
>>       a solution."
>>
>> If you remove the first sentence, then it only talks about UDP and how
>> we are working on standardising fragmentation support using UDP.
>>
>> Paul
>>
>
> OK, makes sense. We need to remove that sentence.
>
> Thanks,
>         Yaron
>



-- 
Daniel Migault
Orange Labs -- Security
+33 6 70 72 69 58