Hi,
As promised, we just had a virtual interim meeting to discuss IKEv2
fragmentation. Please see the minutes below (thanks Paul!).
Following up on this meeting, we would like to confirm the decision on
the mailing list:
- The group still thinks this is an important problem that needs an
interoperable solution.
- We would like to abandon the work on IKE-over-TCP.
- And to work on IKEv2 protocol-level fragmentation, using
draft-smyslov-ipsecme-ikev2-fragmentation as a starting point.
Please send your approval, disapproval or comments to the list within a
week (until May 23).
Thanks,
Yaron
-------- Original Message --------
Subject: Proposed minutes for today
IPsecME WG
Virtual Interim Meeting, 2013-05-16
Minutes taken by Paul Hoffman
Yaron gave introduction
Introduction superfluous
We have little energy
Maybe the draft should be individual draft with discussion on the list
Valery: is OK with this being Individual Submission
Yoav: wants it to be a WG document
Cisco has its own running code that is non-interoperable
Brian: Cisco would have to do the eventual result anyway
Yoav: Cisco is more likely to implement if they were part of the
discussion
Yaron wonders if this is a problem that needs to be resolved
Yoav: yes, and would rather work with an RFC
Tero: the problem is still there, but it just won't be TCP
The WG needs to have implementers reviews at the start
Yaron: do we want to stay with the current TCP-based solution?
Brian: might be running on sensors that don't have a TCP stack
Yoav: even he won't implement it
Yaron: is Valery's draft better than what several non-standard
implementations of what IKEv1 did
Yoav: just copying what IKEv1 did is probably wrong; doesn't know
Valery: they implemented for IKEv1 based on Microsoft's implementation
If we introduce negotiation in IKEv2, it won't be exactly the
same
The implementation will be different, but similar
Brian: it looks very similar but using a Notify for signaling, which is
an advantage
Next steps:
Ask the WG
Abandon IKE TCP
Adopt Valery's draft
Blue sheet:
Brian Weis
Daneil Migault
Paul Hoffman
Tero Kivinen
Valery Smyslov
Yaron Sheffer
Yoav Nir
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec