Hi, We've updated the optimized rekey draft. The new version has two changes: 1. Rekeying the initial Child SA has been separated to a dedicated section 5.1. The current solution relies on draft-pwouters-ipsecme-child-pfs-info to negotiate the KE method(s) for the initial Child SA in the IKE_AUTH exchange, and to use the optimized rekey when first time rekeying the initial Child SA. Otherwise, the regular rekey should be used for the first rekey. 2. Add considerations about the interaction with draft-ietf-ipsecme-ikev2-qr-alt.
Comments and review are welcome. Regards & Thanks! Wei PAN (潘伟) -----Original Message----- From: [email protected] <[email protected]> Sent: Monday, July 7, 2025 10:52 PM To: [email protected] Cc: [email protected] Subject: I-D Action: draft-ietf-ipsecme-ikev2-sa-ts-payloads-opt-05.txt Internet-Draft draft-ietf-ipsecme-ikev2-sa-ts-payloads-opt-05.txt is now available. It is a work item of the IP Security Maintenance and Extensions (IPSECME) WG of the IETF. Title: Optimized Rekeys in the Internet Key Exchange Protocol Version 2 (IKEv2) Authors: Sandeep Kampati Wei Pan Paul Wouters Meduri S S Bharath Meiling Chen Valery Smyslov Name: draft-ietf-ipsecme-ikev2-sa-ts-payloads-opt-05.txt Pages: 12 Dates: 2025-07-07 Abstract: This document describes a method for reducing the size of the Internet Key Exchange version 2 (IKEv2) CREATE_CHILD_SA exchanges used for rekeying of the IKE or Child SA by replacing the SA and TS payloads with a Notify Message payload. Reducing size and complexity of IKEv2 exchanges is especially useful for low power consumption battery powered devices. The IETF datatracker status page for this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-sa-ts-payloads-opt/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-ietf-ipsecme-ikev2-sa-ts-payloads-opt-05.html A diff from the previous version is available at: https://author-tools.ietf.org/iddiff?url2=draft-ietf-ipsecme-ikev2-sa-ts-payloads-opt-05 Internet-Drafts are also available by rsync at: rsync.ietf.org::internet-drafts _______________________________________________ I-D-Announce mailing list -- [email protected] To unsubscribe send an email to [email protected] _______________________________________________ IPsec mailing list -- [email protected] To unsubscribe send an email to [email protected]
