IETF
ipsecme@jabber.ietf.org
Monday, November 13, 2017
ynir has set the subject to: IPsecME Meeting at IETF 99, Prague Friday 2017-07-21 11:50-13:20 CET

GMT+0
[01:19:59] kivinen joins the room
[01:20:25] meetecho joins the room
[01:24:23] kivinen leaves the room: Replaced by new connection
[01:24:26] kivinen joins the room
[01:24:42] <kivinen> The IPsecME meeting will start in a few minutes.
[01:25:16] Leonie Bruckert joins the room
[01:25:17] John Border joins the room
[01:25:17] CJ Tjhai joins the room
[01:25:17] Scott Fluhrer joins the room
[01:27:03] Scott Fluhrer leaves the room
[01:27:32] kivinen tablet joins the room
[01:28:34] David Waltermire joins the room
[01:29:30] richsalz@jabber.at joins the room
[01:29:35] Scott Fluhrer joins the room
[01:29:43] richsalz@jabber.at has set the subject to: IpsecME at IETF 100
[01:30:02] kivinen has set the subject to: IPsecME Meeting at IETF 100, Singapore Monday 2017-11-13 09:30-11:00
[01:32:01] synp joins the room
[01:32:55] <richsalz@jabber.at> I'm your jabber scribe.  If you want something relayed, put "mic" at the front or ping me directly.
[01:34:03] <richsalz@jabber.at> Chair slides
[01:34:04] <richsalz@jabber.at> Agenda
[01:34:19] <synp> They mis-spelled Wouters
[01:34:34] <richsalz@jabber.at> Status of WG Drafts
[01:36:12] <richsalz@jabber.at> Draft Discussions
[01:36:44] <richsalz@jabber.at> Paul Wouters at mic
[01:37:36] <richsalz@jabber.at> Daniel Migault
[01:38:28] <richsalz@jabber.at> Paul
[01:39:22] <richsalz@jabber.at> Tero
[01:40:02] <richsalz@jabber.at> Valery S...
[01:40:29] metricamerica joins the room
[01:40:56] <richsalz@jabber.at> Daniel
[01:41:25] Panos Kamapanakis joins the room
[01:41:33] <richsalz@jabber.at> Valery presenting on QR draft.
[01:41:36] <richsalz@jabber.at> Title page
[01:42:03] David Schinazi joins the room
[01:42:35] ekr joins the room
[01:42:42] <ekr> I just requested the last call for eddsa
[01:42:49] <richsalz@jabber.at> p1 background
[01:43:37] <richsalz@jabber.at> https://datatracker.ietf.org/doc/slides-100-ipsecme-quantum-resistant-ikev2/00/
[01:43:43] <richsalz@jabber.at> p2 changes to the protocol
[01:45:10] <David Waltermire> Thanks ekr!
[01:45:10] <richsalz@jabber.at> Paul Wouters
[01:45:41] <richsalz@jabber.at> (and admit to fence-post error, the slide does have page numbers)
[01:46:32] <richsalz@jabber.at> p4, Changes continued
[01:47:02] <synp> Regarding implicit IV: The IKEv2 header has a 4-byte Message ID that is a counter and sent in the clear. Only problem is that the requests and responses share the same message ID, so if we used the Message ID as counter we would re-use the nonce.
But the nonce in all current ciphers is 8 bytes, so we could generate a unique IV by setting the other 4 bytes to 0x00000000 for requests and 0x00000001 for responses.
I think it's doable.
[01:47:20] <richsalz@jabber.at> is that for the mic?  or email followup
[01:47:32] <richsalz@jabber.at> i guess the latter, since we've moved on.
[01:47:59] <synp> @richsalz: the latter. That discussion is done by now.  Maybe I'll raise it at open mic if there's time left.
[01:48:03] <richsalz@jabber.at> makes sense.
[01:48:17] <synp> s/by/for/
[01:48:27] Panos Kamapanakis leaves the room
[01:48:49] <David Waltermire> If we don't have time for open mic, please raise this on the mailing list.
[01:48:56] Panos Kamapanakis joins the room
[01:49:42] <richsalz@jabber.at> p5 changes in the draft text cont'd 2
[01:50:19] <synp> @David Waltermire: that will give me something to do at lamps :-)
[01:50:23] <richsalz@jabber.at> BTW, that's a neat hack Yoav.  Like the 'quic trick' for doing the same
[01:50:52] <richsalz@jabber.at> p6 discussion
[01:51:44] <richsalz@jabber.at> Paul Wouters
[01:53:17] <Scott Fluhrer> Well, I could offer an opinion, I assume you want to hear from some one
[01:53:22] <Scott Fluhrer> someone else...
[01:53:44] <richsalz@jabber.at> Mark ? (sorry, new to this group)
[01:53:58] <synp> Mark McFadden
[01:54:18] <synp> @richsalz: The 4 octets in the IKEv2 header that precede the Message ID include the request/response flag.  We could just use the 8 consecutive octets as the IV
[01:54:32] <richsalz@jabber.at> Scott, I think saying that you thought of this and don't think it's an issue would be helpful.
[01:54:47] <richsalz@jabber.at> Yoav, yeah, I get it.  Neat trick.
[01:54:47] <Scott Fluhrer> Ok, I'll say so...
[01:55:34] <kivinen> There are 4 messages on the wire using the same Message ID in ike. The initiator->response request, i->r response. r->i request, r->i reply. Then we also have fragmentation and other things.
[01:55:37] <meetecho> FYI to chairs, Scott is in the virtual queue
[01:55:51] <meetecho> (y)
[01:56:36] Simon Pietro Romano joins the room
[01:57:29] <richsalz@jabber.at> Paul
[01:58:33] DavidSchinazi joins the room
[01:58:58] <richsalz@jabber.at> Paul
[01:59:21] <synp> @kivinen: Right, but each of those messages has a different combination of Response and Initiator flags, so we need at least both of those bits.  As for fragments, I'll think of this later
[01:59:26] <Scott Fluhrer> Hmmmm
[01:59:28] <richsalz@jabber.at> standards track hum
[01:59:45] <richsalz@jabber.at> unanimous hum for standards track
[02:01:15] <richsalz@jabber.at> Tommy Pauli(?)
[02:01:25] <David Schinazi> Tommy Pauly
[02:01:41] <richsalz@jabber.at> :)
[02:03:44] <richsalz@jabber.at> Mark Orz…
[02:06:14] <richsalz@jabber.at> update vs separate non-updating document
[02:06:29] <richsalz@jabber.at> consensus to keep as a separate document
[02:06:47] <richsalz@jabber.at> recharting discussion
[02:08:07] <richsalz@jabber.at> Tero presenting
[02:08:10] <richsalz@jabber.at> p2 Why
[02:08:44] <synp> much like drafts, charters don't really expire
[02:08:48] <richsalz@jabber.at> p3 items in the charter already done
[02:08:57] <richsalz@jabber.at> p4 items left in the charter
[02:12:15] richsalz@jabber.at leaves the room: Stream closed by us: Replaced by new connection (conflict)
[02:12:17] richsalz@jabber.at joins the room
[02:12:46] <richsalz@jabber.at> sorry, network glitches.  lost a few speakers, now Paul W
[02:13:00] <richsalz@jabber.at> ekr
[02:13:49] <richsalz@jabber.at> p6 QR ikev2 (old)
[02:14:26] <richsalz@jabber.at> p7 split dns (old)
[02:14:43] <richsalz@jabber.at> p8 implicit iv (old)
[02:15:09] <richsalz@jabber.at> p9 group doi (new)
[02:15:55] <richsalz@jabber.at> Brian White
[02:16:28] <richsalz@jabber.at> ekr
[02:16:38] <richsalz@jabber.at> jun
[02:17:13] <richsalz@jabber.at> yoav
[02:18:03] <richsalz@jabber.at> brian weis (sorry said white before)
[02:18:23] <richsalz@jabber.at> hum — do we understand this item yes/no
[02:18:47] <richsalz@jabber.at> hum — do this in ipsecme or somewhere else
[02:19:47] <richsalz@jabber.at> who is willing to review/work on doc?  show of hands
[02:20:19] <richsalz@jabber.at> p10 responder mobike (new)
[02:21:06] <richsalz@jabber.at> p11 postquantum ikev2 (new)
[02:23:26] David Schinazi leaves the room
[02:23:31] David Schinazi joins the room
[02:26:00] <Scott Fluhrer> Sorry, we're not talking about hash based signatures
[02:27:34] <richsalz@jabber.at> quan, valery, rich salz, ekr, debbie cooley
[02:29:02] <richsalz@jabber.at> mark
[02:29:29] <richsalz@jabber.at> (yeah, btw, oops on the signature goof)
[02:29:39] <richsalz@jabber.at> hum on understanding the item
[02:29:46] <Scott Fluhrer> Hmmmmmm
[02:30:01] <richsalz@jabber.at> strong in favor of understanding
[02:30:21] <richsalz@jabber.at> hum — take it as a charter item now
[02:30:23] <Scott Fluhrer> Hmmmmmm
[02:30:26] <CJ Tjhai> Hmmm
[02:30:37] <richsalz@jabber.at> strong consensus for yes
[02:31:13] <richsalz@jabber.at> willing to review drafts?
[02:31:22] <richsalz@jabber.at> willing to help edit/write?
[02:31:33] <richsalz@jabber.at> p12 diet esp (new)
[02:32:21] <richsalz@jabber.at> hum — understand?
[02:32:23] <DavidSchinazi> Hmmm ( I understand)
[02:32:44] <DavidSchinazi> Hmmm (for charter)
[02:32:44] <richsalz@jabber.at> hum — take it on charter
[02:33:04] <richsalz@jabber.at> strong consensus for understanding and taking it on to the charter
[02:33:12] <richsalz@jabber.at> willing to review?
[02:33:15] Satoru Kanno joins the room
[02:33:16] <DavidSchinazi> I'm willing to review drafts and actively work on this
[02:33:20] <richsalz@jabber.at> willing to help author?
[02:33:23] <DavidSchinazi> yes
[02:34:46] <richsalz@jabber.at> p13 signature algorithm negotiation (new)
[02:35:56] <richsalz@jabber.at> Valery
[02:36:33] <richsalz@jabber.at> Paul
[02:37:23] <richsalz@jabber.at> ekr
[02:38:39] <richsalz@jabber.at> hum — do we understand the topic?
[02:38:49] HAJIME WATANABE joins the room
[02:38:52] <David Schinazi> Humm (understand)
[02:38:59] <richsalz@jabber.at> strong consensus for understanding
[02:39:10] <richsalz@jabber.at> hum — should we add this to the charter?
[02:39:23] <David Schinazi> Humm (for charter)
[02:39:30] <richsalz@jabber.at> strong consensus to add to the charter
[02:39:41] <richsalz@jabber.at> p14 other items (no charter text yet)
[02:39:57] <richsalz@jabber.at> back to p10, responder mobike (new)
[02:40:46] <richsalz@jabber.at> Valery
[02:43:17] <richsalz@jabber.at> Paul
[02:44:32] <richsalz@jabber.at> Daniel
[02:44:34] <DavidSchinazi> I second Paul's point
[02:44:54] <richsalz@jabber.at> is that for the mic?
[02:45:02] <DavidSchinazi> Yes please
[02:45:18] <DavidSchinazi> Thanks :)
[02:45:58] <richsalz@jabber.at> hum — enough information to decide?
[02:46:15] <DavidSchinazi> Hmmm (I understand)
[02:46:29] <richsalz@jabber.at> strong consensus on understanding
[02:47:16] <richsalz@jabber.at> hum — add to the charter?
[02:47:22] <DavidSchinazi> Hmmm (add to charter)
[02:47:55] <richsalz@jabber.at> not clear consensus, will go to the list
[02:48:28] <richsalz@jabber.at> valery
[02:49:50] <richsalz@jabber.at> p14 other items
[02:51:50] <richsalz@jabber.at> hum — understand the address failure errors item?
[02:52:11] <richsalz@jabber.at> no consensus yes/no, very little humming
[02:52:43] <richsalz@jabber.at> labeled ipsec
[02:52:48] <richsalz@jabber.at> paul wouters
[02:53:17] <richsalz@jabber.at> yoav
[02:55:03] <richsalz@jabber.at> tommy pauly, speaking for david schinazi
[02:57:23] <richsalz@jabber.at> Mike McF
[02:58:56] synp leaves the room
[03:00:06] DavidSchinazi leaves the room
[03:00:07] DavidSchinazi joins the room
[03:00:38] <DavidSchinazi> I'm in DNSOP :)
[03:00:43] <richsalz@jabber.at> ha
[03:00:49] <DavidSchinazi> Thanks for relaying Tommy and Rich
[03:00:51] <ekr> I figured you were just hung over :)
[03:01:03] meetecho leaves the room
[03:01:16] CJ Tjhai leaves the room
[03:01:27] Panos Kamapanakis leaves the room
[03:01:28] Satoru Kanno leaves the room
[03:01:28] David Waltermire leaves the room
[03:01:28] Simon Pietro Romano leaves the room
[03:01:28] David Schinazi leaves the room
[03:01:28] John Border leaves the room
[03:01:28] Scott Fluhrer leaves the room
[03:01:28] Leonie Bruckert leaves the room
[03:01:28] HAJIME WATANABE leaves the room
[03:01:50] DavidSchinazi leaves the room
[03:01:59] synp joins the room
[03:02:06] synp leaves the room
[03:03:10] kivinen leaves the room: Replaced by new connection
[03:03:12] kivinen joins the room
[03:04:49] <richsalz@jabber.at> see you on the mailing list
[03:04:54] richsalz@jabber.at leaves the room
[03:05:14] metricamerica leaves the room
[03:12:06] kivinen leaves the room
[03:53:38] ekr leaves the room
[05:24:18] ekr joins the room
[07:25:27] ekr leaves the room
[07:47:46] ekr joins the room
[08:56:33] ekr leaves the room
[09:31:54] ekr joins the room
[09:32:19] ekr leaves the room
[09:55:50] ekr joins the room
[10:00:46] ekr leaves the room
[10:03:35] ekr joins the room
[10:20:56] ekr leaves the room
[12:21:52] ekr joins the room
[13:14:46] ekr leaves the room
[13:15:53] ekr joins the room
[13:16:06] ekr leaves the room
[13:57:08] kivinen tablet joins the room
[13:57:17] kivinen tablet leaves the room
[20:09:40] ekr joins the room
[22:08:59] ekr leaves the room
[22:21:55] ekr joins the room
[22:30:03] ekr leaves the room
[22:36:50] ekr joins the room
[22:39:09] ekr leaves the room