[07:46:39] VirtualQueue_5qk1lzDR joins the room
[07:46:57] Leonie Bruckert joins the room
[07:46:58] John Mah joins the room
[07:46:58] John Border joins the room
[07:47:01] Yoav Nir joins the room
[07:47:07] Daniel Van Geest joins the room
[07:47:16] CJ Tjhai joins the room
[07:47:51] kivinen joins the room
[07:48:55] Leonie Bruckert leaves the room
[07:49:27] Leonie Bruckert joins the room
[07:49:47] Leonie Bruckert leaves the room
[07:50:01] Leonie Bruckert joins the room
[07:51:28] paulwouters joins the room
[07:51:48] <paulwouters> prefix comments for the mic with MIC: please
[07:52:25] <Yoav Nir> Hi, Paul
[07:52:25] Leonie Bruckert leaves the room
[07:52:31] Leonie Bruckert joins the room
[07:52:42] <paulwouters> https://datatracker.ietf.org/meeting/106/materials/slides-106-ipsecme-chair-slides-02
[07:52:54] kaduk@jabber.org/barnowl joins the room
[07:53:04] kaduk@jabber.org/barnowl has set the subject to: IPsecME Meeting at IETF 106 - https://datatracker.ietf.org/meeting/106/materials/agenda-106-ipsecme - http://etherpad.ietf.org/p/notes-ietf-106-ipsecme
[07:53:34] Satoru Kanno joins the room
[07:53:48] Ching-Heng Ku joins the room
[07:54:12] Valery Smyslov joins the room
[07:55:04] kaduk@jabber.org/barnowl has set the subject to: IPsecME Meeting at IETF 106 - https://datatracker.ietf.org/meeting/106/materials/agenda-106-ipsecme - http://etherpad.ietf.org/p/notes-ietf-106-ipsecme
[07:55:21] <Yoav Nir> It's OK
[07:55:28] kaduk@jabber.org/barnowl has set the subject to: IPsecME Meeting at IETF 106 - https://datatracker.ietf.org/meeting/106/materials/agenda-106-ipsecme - http://etherpad.ietf.org/p/notes-ietf-106-ipsecme
[07:55:33] Ching-Heng Ku leaves the room
[07:55:36] Ching-Heng Ku joins the room
[07:56:02] <paulwouters> ben: is it okay now. i hear tero echoing in the room ?
[07:56:21] Tobias Heider joins the room
[07:56:46] Leonie Bruckert leaves the room
[07:56:49] Leonie Bruckert joins the room
[07:56:56] <paulwouters> Daniel: slide said my draft is not posted yet, it is posted now.
[07:56:59] <paulwouters> https://datatracker.ietf.org/meeting/106/materials/slides-106-ipsecme-hybrid-qske-for-ikev2-interoperability-testing-event-01
[07:57:30] Leonie Bruckert leaves the room
[07:57:57] Leonie Bruckert joins the room
[07:59:21] Mohamed Boucadair joins the room
[07:59:28] <paulwouters> jokes around requesting an early code point, which was just done 1 minute before the meeting
[08:00:08] <paulwouters> sean turner: do you plan to submit to implementation report?
[08:00:26] <paulwouters> sean: this is a place to advertise interoperability
[08:00:41] <paulwouters> john Hammel? did you test child rekey?
[08:00:55] <paulwouters> valery: only had 1 implementation, so could not test
[08:01:30] <paulwouters> valery: strongswan has some concerns about how rekeying is specified
[08:01:52] <paulwouters> valery: we will have discussion with authors
[08:02:46] Stefan-Lukas Gazdag joins the room
[08:02:50] <paulwouters> valery: not many comments on draft, mostly from authors only
[08:03:14] <paulwouters> https://datatracker.ietf.org/meeting/106/materials/slides-106-ipsecme-ip-traffic-flow-security-00
[08:08:28] Tobias Guggemos joins the room
[08:08:55] Mohamed Boucadair leaves the room
[08:11:08] <paulwouters> valery: you seem to leave out transport mode? any reason ?
[08:11:53] <paulwouters> christian: because we chop up packets
[08:12:22] <paulwouters> christian: you also leak more data in transport mode. why worry about other analyses
[08:12:28] <paulwouters> valery: I'm not so sure
[08:12:45] <paulwouters> valery: you want to allocate a new protocol number?
[08:12:53] <paulwouters> valery: is it only used on ESP trailer ?
[08:13:07] Tuomo Soini joins the room
[08:13:11] <paulwouters> valery: do you really need it ?
[08:13:46] <paulwouters> christian: it is easier to get an ip number, then to create a new registry
[08:14:15] <paulwouters> Ben Kaduk:  an IP number is kind of a big deal
[08:14:54] <Yoav Nir> The protocol number is the IPv6 extension header type, no?  Since this one is used only in the ESP header, we might as well standardize on using one of the reserved ones (253 or 254), no?
[08:15:25] <paulwouters> Ben: you need to add machinery for this. issues with alignment.... can we make it something very simple.
[08:15:34] <paulwouters> christian: 32bit alignment
[08:15:51] <paulwouters> Tero: for protocol number. we only need it in ESP trailer. we can do without it
[08:16:03] <paulwouters> tero: there is protocol number 0
[08:16:16] <Yoav Nir> https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
[08:16:18] <paulwouters> Tero: ipv6 does something similar
[08:16:23] <Yoav Nir> Right.  253-255 are reserved
[08:16:45] <paulwouters> Tero: other option is using "wrapped ESP"
[08:16:50] <Yoav Nir> (OK, 253 and 254 is "for experimentation")
[08:17:30] <paulwouters> Tero: third option: since it is negotiated. this traffic is always going to be this multiplexed traffic. we can say protocol number is ignored
[08:18:14] <paulwouters> michael richardson:  clarifying question for Tero: if we use wrapped ESP that would be the protocol of the outer thing or the next header within ESP.
[08:18:26] <paulwouters> Tero: i would do it as outer/ real ip header
[08:18:38] <paulwouters> tero: we can reserve one more bit there
[08:19:18] <paulwouters> michael:  when we do ESP over UDP the outer IP header says UDP and we only know it is ESP because we negotiated it. we could not put wrapped ESP there
[08:19:37] <paulwouters> tero: wrapped esp defines how to do this. it uses special SPI numbers
[08:20:31] <paulwouters> christian: we should not be so scared asking for ip number.
[08:20:38] <paulwouters> christian: we could ask for private number
[08:21:08] <paulwouters> david: let's talk elsewhere. we need to move on
[08:21:11] <paulwouters> AFK :)
[08:23:00] serge-parfait goma joins the room
[08:27:14] <kaduk@jabber.org/barnowl> I think that was Hu Jun with the question
[08:28:44] serge-parfait goma leaves the room
[08:30:59] <Yoav Nir> I like the notify payload better. All implementations deal correctly with unknown notify payloads (there's so many of them).  Nobody added new TS types so far. Who knows what implementations will do
[08:31:12] <kaduk@jabber.org/barnowl> Do you  want that at the mic?
[08:31:29] <Yoav Nir> Sorry
[08:31:31] <Yoav Nir> mic: I like the notify payload better. All implementations deal correctly with unknown notify payloads (there's so many of them). Nobody added new TS types so far. Who knows what implementations will do
[08:31:35] Stefan-Lukas Gazdag leaves the room
[08:32:30] <kaduk@jabber.org/barnowl> mind if I editorialize?
[08:32:39] <Yoav Nir> Sure
[08:33:39] <kaduk@jabber.org/barnowl> hopefully that was okay
[08:34:24] <Yoav Nir> Of course this doesn't apply to Paul's implementation or mine, which are totally standards-compliant and bug-free, but all those other implementations around...
[08:34:45] Stefan-Lukas Gazdag joins the room
[08:35:05] <kaduk@jabber.org/barnowl> (Tero from the floor mic)
[08:37:38] <Yoav Nir> hummmmm
[08:37:46] <Yoav Nir> hummmmm
[08:38:07] <kaduk@jabber.org/barnowl> That was hum for both understand and object?
[08:38:23] <Yoav Nir> Tero is right: if the peer doesn't understand the NOTIFY, the SA comes up and it doesn't have labels and that's not what you wanted.  So yes, I understand and have concerns
[08:38:43] <paulwouters> yoav: but tero also said: you should never do this to someone who doesn't understand this anyway
[08:38:53] <paulwouters> (and that also applies for new TS TYPEs which are the alternatives)
[08:39:18] <paulwouters> https://datatracker.ietf.org/meeting/106/materials/slides-106-ipsecme-ikev2-optional-sats-payloads-in-child-exchange-00
[08:39:28] <Yoav Nir> misconfiguration happens all the time
[08:39:53] <Yoav Nir> That's the reason the TLS working group keeps rejecting "data-center only" extensions
[08:40:07] <Yoav Nir> They don't stay in the DC
[08:41:10] Antony Antony joins the room
[08:42:20] Valery Smyslov leaves the room
[08:45:11] <kaduk@jabber.org/barnowl> It's common to have implementations that allow changing configuration on running SAs?  Today I learned.
[08:47:08] <Yoav Nir> A policy change is so rare that you can probably suffer a failed rekey when this happens.  I don't think this is a problem
[08:47:50] Ching-Heng Ku leaves the room
[08:50:13] <Yoav Nir> mic: Why two separate notifications: SA_UNCHANGED and SA_TS_UNCHANGED? The first is for phase 1 the second for phase 2.  There's no ambiguity. You might as well use one.
[08:52:33] <paulwouters> david: are there IPR concerns?
[08:53:06] <paulwouters> presenter: there is an IPR release
[08:53:08] <kaduk@jabber.org/barnowl> (Christian Hopps)
[08:53:21] <kaduk@jabber.org/barnowl> (Sean Turner)
[08:53:30] <paulwouters> Sean: reasonable non-discriminatory
[08:54:11] Tobias Heider leaves the room
[08:55:02] <paulwouters> Ben (AD):   review of charter text in a week or two
[08:55:18] Tobias Heider joins the room
[08:55:25] <paulwouters> Tero: so we need to update charter anyway ?
[08:56:03] <kaduk@jabber.org/barnowl> The M is "Maintenance", not "Minor"
[08:57:07] Tobias Heider leaves the room
[08:57:10] Tobias Heider joins the room
[08:57:56] Stefan-Lukas Gazdag leaves the room
[08:59:52] Valery Smyslov joins the room
[09:01:51] Stefan-Lukas Gazdag joins the room
[09:02:15] Tobias Heider leaves the room
[09:03:21] Tobias Heider joins the room
[09:05:38] <kaduk@jabber.org/barnowl> Well, we obsolete things when there is a replacement you should use instead.  Historic is for "this was once a thing but is no longer a thing; tough luck"
[09:07:58] <paulwouters> https://datatracker.ietf.org/meeting/106/materials/slides-106-ipsecme-an-alternative-approach-for-postquantum-preshared-keys-in-ikev2-00
[09:13:42] <paulwouters> https://datatracker.ietf.org/meeting/106/materials/slides-106-ipsecme-draft-mglt-ipsecme-multiple-child-sa-00
[09:16:51] John Border leaves the room
[09:17:19] <Yoav Nir> Seems like a good companion for RFC 6027.  Not sure it's worth it.  CREATE_CHILD_SA is pretty quick and efficient.
[09:18:12] <Yoav Nir> Sorry.  6311.  6027 was the problem statement
[09:18:41] <kaduk@jabber.org/barnowl> ISTR that this sort of CPU-affinity-based load division can cause excitement for congestion-control algorithms
[09:20:46] Valery Smyslov leaves the room
[09:21:05] mcr joins the room
[09:21:25] paulwouters leaves the room
[09:21:37] kivinen leaves the room
[09:21:48] Stefan-Lukas Gazdag leaves the room
[09:21:49] <Yoav Nir> It's also exciting for security gateways.  You have a dozen SAs on one side, and a dozen SAs on the other.  What you want is for them to be paired based on "connections".  So if packets of one TCP connection are encrypted one way with one core, you want the responses going back to the same core.  That's hard to manage, but it's required for firewalls that co-exist with the VPN gateway
[09:21:57] Daniel Van Geest leaves the room
[09:21:57] CJ Tjhai leaves the room
[09:22:28] John Mah leaves the room
[09:22:28] Tobias Guggemos leaves the room
[09:22:28] Leonie Bruckert leaves the room
[09:22:28] Tobias Heider leaves the room
[09:22:28] Antony Antony leaves the room
[09:22:28] Tuomo Soini leaves the room
[09:22:28] Yoav Nir leaves the room
[09:22:28] Satoru Kanno leaves the room
[09:24:14] Meetecho leaves the room
[09:25:33] VirtualQueue_5qk1lzDR leaves the room
[09:37:48] VirtualQueue_GQATBirl joins the room
[10:02:16] paulwouters joins the room
[10:17:25] paulwouters leaves the room
[11:10:19] mcr leaves the room: Disconnected: closed