I support adopting this document. I commented to the authors offline, but sharing here: one worry is loss of fate sharing doing keying over TCP and ESP transport over UDP; the keying could succeed but ESP transport could fail, reminding me of IPsec Passthrough in firewalls and NATs. Implementations will likely benefit from guidance on how and when to declare IPsec "up". This may tie into the NAT issue Hannes brought up, as well. And the document would be improved by providing motivation for its choices, as another solution is two IKE key exchanges (traditional then PQ).
-d > On Aug 22, 2025, at 10:35 AM, Tero Kivinen <[email protected]> wrote: > > This will start four week adoption call for > draft-smyslov-ipsecme-ikev2-reliable-transport [1]. The adoption > call will end at 2025-09-21, and if you support adopting this document > as working group document send your support and comments to the > working group list. > > [1] > https://datatracker.ietf.org/doc/draft-smyslov-ipsecme-ikev2-reliable-transport/ > -- > [email protected] > > _______________________________________________ > IPsec mailing list -- [email protected] > To unsubscribe send an email to [email protected] _______________________________________________ IPsec mailing list -- [email protected] To unsubscribe send an email to [email protected]
