[saag] IPsecME report for IETF 112
Tero Kivinen <kivinen@iki.fi> Mon, 08 November 2021 15:04 UTC
Return-Path: <kivinen@iki.fi>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 3CC4D3A10CF
for <saag@ietfa.amsl.com>; Mon, 8 Nov 2021 07:04:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=iki.fi
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 8f7sE63oQu6y for <saag@ietfa.amsl.com>;
Mon, 8 Nov 2021 07:04:29 -0800 (PST)
Received: from lahtoruutu.iki.fi (lahtoruutu.iki.fi [IPv6:2a0b:5c81:1c1::37])
(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 7FB283A1060
for <saag@ietf.org>; Mon, 8 Nov 2021 07:04:28 -0800 (PST)
Received: from fireball.acr.fi (fireball.kivinen.iki.fi
[IPv6:2001:1bc8:100d::2])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
(No client certificate requested)
(Authenticated sender: kivinen@iki.fi)
by lahtoruutu.iki.fi (Postfix) with ESMTPSA id 531AF1B0008C
for <saag@ietf.org>; Mon, 8 Nov 2021 17:04:22 +0200 (EET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=lahtoruutu;
t=1636383862;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding;
bh=g8GWJUj8ZG+3+BtaJPtNT6Iu0NW7lYywOBw8zw1QPPs=;
b=foirvjl6QUpF98biBOthseHVuhP3C0c2Za5A9gyAqK1mqgheSlJXQqoZaJ+ElJuHXX9fdu
JxIEAOiLQ1tLLTfxi0A1DwGKJlN2V3tKDYNiRuoyb4Hw/Xi8vLCbfj2aeZVzb+0nHyjK+a
1yWCKtKuMWl3XXYKyYztTIISMZ7ID4D2aSgkbAODSDu6je9QOrswpbh052hCRhVSafvMLS
B7Kjtj4PBw5Wkpgeg6/OSqyLUBLQFcNMHGZsy0QqA7pDSCg08KxJcMNV6df0G+VDY7djya
8diXzN8HGyhh/bKVgE/j8G2Z41K3NJUuhOowugdHxfr0arbwkzF6BztC2cqQqA==
Received: by fireball.acr.fi (Postfix, from userid 15204)
id E4E1A25C12C4; Mon, 8 Nov 2021 17:04:21 +0200 (EET)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <24969.15477.882496.297841@fireball.acr.fi>
Date: Mon, 8 Nov 2021 17:04:21 +0200
From: Tero Kivinen <kivinen@iki.fi>
To: saag@ietf.org
X-Mailer: VM 8.2.0b under 26.3 (x86_64--netbsd)
X-Edit-Time: 3 min
X-Total-Time: 2 min
ARC-Seal: i=1; s=lahtoruutu; d=iki.fi; t=1636383862; a=rsa-sha256; cv=none;
b=IaPwYs6wp3yv8sSBu642BEtitXe7E0fJQHTaJvxVhLpitTr+9zao59JNkOgfbZCC8vJrY9
Ud7Azr8s6EHKqDgJT7DgYnQ9Kf9WPAQuuD77vg3UDeqPE10VkHW9QomTP9/HhYFC4eRvHE
t19qMaawNtOEpIlGFWR4/hFI68m+HSxh8tPJMSdW4v15tLbhR3ecpyWci8jr6RSLeZojUc
y2fo2qIQOyzlBQ1bguaGlvkRND/JOiNMEy/jfDnaD5gcYPsfLGe2rjIVoZWACAXhn/WmC/
cX8BV1y7RRW7WUt+TDV5O2ShFDrREbH3vSlVTTehCeK1pceqSlE1VXZ1pv2tYw==
ARC-Authentication-Results: i=1; ORIGINATING;
auth=pass smtp.auth=kivinen@iki.fi smtp.mailfrom=kivinen@iki.fi
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi;
s=lahtoruutu; t=1636383862;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:mime-version:mime-version:content-type:content-type:
content-transfer-encoding:content-transfer-encoding;
bh=g8GWJUj8ZG+3+BtaJPtNT6Iu0NW7lYywOBw8zw1QPPs=;
b=myPEjcz0CR7/a+2oPd0kzB7UDn+rumz+/ykXs3sU4+8/Ob2AHfTOyKbA132VnzWM6lzg00
q0H9Oc0YMis2P0ClIBmu9q/vZz9/HIf85Pn9TJ36wUThqs1wNGMDTNqXjTGob9ADh9G7lf
6Epkzgm25SGG023F29NgNiTO7hjXnKtUFcGAGO552qh5BILf2nNx79XmzDMbhnIpvjECHS
QrEVdNW2XMw9C8ReYwvxK1paXXC875AbQQwAqoMEwbT973VGL3R6DJnh7xrFNgaETsvP9w
7ynNtE9T3AnrCPr6B1o+UvzuUf4NpCPAMZOiEEPLmFgQQMy1xN7QikRRYfB78A==
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/P8MR9_T8666PZBCNaa7WBkhCPFg>
Subject: [saag] IPsecME report for IETF 112
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>,
<mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>,
<mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Nov 2021 15:04:38 -0000
IPsecME WG got its tradional session kicking of the IETF 112, i.e., first session on Monday morning. We had two hours and used most of them. Here is the status update [1] already updated to the datatracker: ---------------------------------------------------------------------- Publication has been requested for Intermediate draft. Base IPTFS draft had long discussion during the IETF 112 WG session and the final issues on it was resolved, so now the IPTFS drafts (base, yang and mib) should be ready for publication. Multiple Key Exchanges draft should also be ready for publication. Labeled IPsec and Deprecation of IKEv1 and obsoleted algorithms drafts are past WGLC and are getting ready for publication soon. Group Key Management using IKEv2 did not get any reviews yet, but is now in the WGLC to get more reviews. RFC8229bis has been adopted as working group draft, but there has not been that much discussion about it yet. IKEv2 configuration for Encrypted DNS and Announcing Supported Authentication Methods in IKEv2 drafts are now in the progress of being adopted to the WG. There has not been that much happening with other new work, like Optional SA & TS Payload in Child Exchange. modifying the base IKEv2 payload format, both to make it more compact for constrained devices, and allow it to go over 64kB payload limit. ---------------------------------------------------------------------- [1] https://datatracker.ietf.org/group/ipsecme/about/status/ -- kivinen@iki.fi
- [saag] IPsecME report for IETF 112 Tero Kivinen