[IPsec] IPsecME virtual meeting minutes, and way forward with fragmentation

Thu, 16 May 2013 09:57:44 -0700 

Hi,
As promised, we just had a virtual interim meeting to discuss IKEv2 fragmentation. Please see the minutes below (thanks Paul!). 


Following up on this meeting, we would like to confirm the decision on 
the mailing list:



- The group still thinks this is an important problem that needs an 
interoperable solution.

- We would like to abandon the work on IKE-over-TCP.

- And to work on IKEv2 protocol-level fragmentation, using 
draft-smyslov-ipsecme-ikev2-fragmentation as a starting point.



Please send your approval, disapproval or comments to the list within a 
week (until May 23).


Thanks,
        Yaron


-------- Original Message --------
Subject: Proposed minutes for today

IPsecME WG
Virtual Interim Meeting, 2013-05-16
Minutes taken by Paul Hoffman

Yaron gave introduction
        Introduction superfluous
        We have little energy
        Maybe the draft should be individual draft with discussion on the list

Valery: is OK with this being Individual Submission
        Yoav: wants it to be a WG document
                Cisco has its own running code that is non-interoperable
        Brian: Cisco would have to do the eventual result anyway
        Yoav: Cisco is more likely to implement if they were part of the 
discussion

Yaron wonders if this is a problem that needs to be resolved
        Yoav: yes, and would rather work with an RFC
        Tero: the problem is still there, but it just won't be TCP
                The WG needs to have implementers reviews at the start

Yaron: do we want to stay with the current TCP-based solution?
        Brian: might be running on sensors that don't have a TCP stack
        Yoav: even he won't implement it


Yaron: is Valery's draft better than what several non-standard 
implementations of what IKEv1 did

        Yoav: just copying what IKEv1 did is probably wrong; doesn't know
        Valery: they implemented for IKEv1 based on Microsoft's implementation
                If we introduce negotiation in IKEv2, it won't be exactly the 
same
                The implementation will be different, but similar

	Brian: it looks very similar but using a Notify for signaling, which is 
an advantage


Next steps:
        Ask the WG
                Abandon IKE TCP
                Adopt Valery's draft


Blue sheet:
        Brian Weis
        Daneil Migault
        Paul Hoffman
        Tero Kivinen
        Valery Smyslov
        Yaron Sheffer
        Yoav Nir



_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec






















					Reply via email to