Hi, Valery. Thank you for this draft. Having read it, I have some comments.
First, the problem of IKE having too large packets in certain environments is a real problem. We’ve already addressed it with fragmentation, and the TCP encapsulation draft proposes yet another way. I think either of those can solve most of the bad router and noisy line issues. I also think that IKE is quite low-volume so the savings in number of bytes sent from, say, a mobile phone are not an issue. So the only scenario where compression may have value is for an IoT device working on a battery and/or using a particularly slow network. Second, as I understand it, those battery-powered devices tend to use 802.15.4 networks with 127-byte frames. There’s 6LoWPAN to provide fragmentation support, but that’s similar to using IKE’s fragmentation for the same issue. Can anything be done at all with 127-byte frames, that include the (IPv6?) headers, the 8-byte UDP header, the 20-byte IKEv2 header in addition to all the payload headers? If we need fragmentation anyway, I don’t know if compression matters. Third, I haven’t tested this myself, so I may be all wrong here, but I question the value of compression on IKE. IKE is a binary protocol with mostly compact binary payloads. Even the list of supported CAs is a list of hashes in IKEv2. How much can compression help? Yoav > On 25 Dec 2015, at 2:18 PM, Valery Smyslov <sva...@gmail.com> wrote: > > Hi, > > I've posted a new draft on using compression in IKEv2. > Comments, thoughts, criticism are very very welcome. > > Regards, > Valery Smyslov. > > >> A new version of I-D, draft-smyslov-ipsecme-ikev2-compression-00.txt >> has been successfully submitted by Valery Smyslov and posted to the >> IETF repository. >> Name: draft-smyslov-ipsecme-ikev2-compression >> Revision: 00 >> Title: Compression in the Internet Key Exchange Protocol Version 2 (IKEv2) >> Document date: 2015-12-25 >> Group: Individual Submission >> Pages: 17 >> URL: >> https://www.ietf.org/internet-drafts/draft-smyslov-ipsecme-ikev2-compression-00.txt >> Status: >> https://datatracker.ietf.org/doc/draft-smyslov-ipsecme-ikev2-compression/ >> Htmlized: >> https://tools.ietf.org/html/draft-smyslov-ipsecme-ikev2-compression-00 >> Abstract: >> This document describes a method for reducing the size of IKEv2 >> messages by means of lossless compression. Making IKEv2 messages >> smaller is desirable for low power consumption battery powered IoT >> devices. It also helps avoid IP fragmentation of IKEv2 messages. >> This document describes how compression is negotiated maintaining >> backward compatibility and how it is used in IKEv2. >> >> Please note that it may take a couple of minutes from the time of >> submission >> until the htmlized version and diff are available at tools.ietf.org. >> The IETF Secretariat >> > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
