IETF Logo Mail Archive

[saag] IPsecME report for IETF 110.

Tero Kivinen <kivinen@iki.fi> Wed, 10 March 2021 22:13 UTC

Return-Path: <kivinen@iki.fi>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 195313A19BD for <saag@ietfa.amsl.com>; Wed, 10 Mar 2021 14:13:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=iki.fi
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jBY4onT_bpOL for <saag@ietfa.amsl.com>; Wed, 10 Mar 2021 14:13:05 -0800 (PST)
Received: from meesny.iki.fi (meesny.iki.fi [195.140.195.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ED75E3A19C0 for <saag@ietf.org>; Wed, 10 Mar 2021 14:13:04 -0800 (PST)
Received: from fireball.acr.fi (fireball.kivinen.iki.fi [IPv6:2001:1bc8:100d::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: kivinen) by meesny.iki.fi (Postfix) with ESMTPSA id 49A3A203D5 for <saag@ietf.org>; Thu, 11 Mar 2021 00:13:02 +0200 (EET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=meesny; t=1615414382; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=k4Cpns/Coj04EKoaiyVX1XmjwvFofjfAxNAkH0YZ1Zg=; b=jJVsjPNX8GAGrqkQXRBCJ/V+Th7wAfxT4TbgrSuSDdMrx7yB1UL7PhcasD+umSuk5NHH1v vXA8ikDES26A89NoluN8VF5un8jISjfyhLQakEGa5UXs6P8bCGBc9nerMJGBaZN3Oog9mA 6s4P2pD6WM58Eglak8O8D5HMQf+Bydk=
Received: by fireball.acr.fi (Postfix, from userid 15204) id EAB5E25C0B96; Thu, 11 Mar 2021 00:13:01 +0200 (EET)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <24649.17517.791816.331354@fireball.acr.fi>
Date: Thu, 11 Mar 2021 00:13:01 +0200
From: Tero Kivinen <kivinen@iki.fi>
To: saag@ietf.org
X-Mailer: VM 8.2.0b under 26.3 (x86_64--netbsd)
X-Edit-Time: 2 min
X-Total-Time: 2 min
ARC-Seal: i=1; s=meesny; d=iki.fi; t=1615414382; a=rsa-sha256; cv=none; b=CQb5lQGpjiVpF2qNp8nlHtKmf7t4Qq0/ZeLUHBqZMTF7Zj5C/yPw1i6E5Kv+wF6JRVF3DC eFLxj6brZ1f84p/XCjdKaoCEmEgLehlivRXZgfke+9TDLJ2BsMhy/uumC2Rc3ZGnr8VAiq BDCb/6rXKhF8xNJohqnClcOmJP36rdo=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=meesny; t=1615414382; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=k4Cpns/Coj04EKoaiyVX1XmjwvFofjfAxNAkH0YZ1Zg=; b=by1x43Z/s+ho4yMjKqXhV3H+93eLkxkJJN3jHaVJm1LCRRpIM9Bl8MfNyMljFvfTJJjdPE 58QsF6GbsC8YIbnXKO/b8PLoHNqUP8LtlVFClP6GyLYw/pniEh8iFkNJKKnfUmQHVcoZk4 MG9im6qXtYc9PSVwYvsxWf4c9Wm50XI=
ARC-Authentication-Results: i=1; ORIGINATING; auth=pass smtp.auth=kivinen smtp.mailfrom=kivinen@iki.fi
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/sr9FGbSZhbBArtS6JxXqnmvt7ns>
Subject: [saag] IPsecME report for IETF 110.
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Mar 2021 22:13:08 -0000

IPsecME met in the first Monday session and we had busy agenda
covering some old items and some things coming back, and few new items
too.

The working group status [1] has been updated as follows:
----------------------------------------------------------------------
IPv6 and IPv4 status codes draft was published as RFC8983.
Intermediate and iptfs drafts are past WGLC. Labeled IPsec and
Multiple Key Exchanges drafts are going to start WGLC soon. Group Key
Management using IKEv2 would need to get few more reviews before WGLC.  

Iptfs Yang model draft and RFC8229bis has been adopted as working
group drafts. Iptfs MIB and IKEv1 graveyard drafts are currently in
the process of being adopted as working group drafts. 

New work includes IKEv2 configuration for Encrypted DNS, Optional SA &
TS Payload in Child Exchange. There has also been some discussion
about modifying the base IKEv2 payload format, both to make it more
compact for constrained devices, and allow it to go over 64kB payload
limit.
----------------------------------------------------------------------
[1] https://datatracker.ietf.org/group/ipsecme/about/status/
-- 
kivinen@iki.fi

v2.8.7 | Report a Bug | By Email