IETF
ipsecme@jabber.ietf.org
Wednesday, July 18, 2018
kivinen has set the subject to: IPsecME Meeting at IETF 101, London Friday 2018-03-23 11:50-13:20

GMT+0
[17:54:48] kivinen joins the room
[17:56:17] kivinen has set the subject to: IPsecME Meeting at IETF 102, Montreal Wednesday 2018-07-18 15:20-16:50
[17:56:25] kivinen leaves the room
[19:03:18] meetecho joins the room
[19:10:42] 1r0Dgrdi joins the room
[19:14:24] metricamerica joins the room
[19:15:09] Scott Fluhrer joins the room
[19:15:10] Vukasin Karadzic joins the room
[19:15:12] Graham Bartlett joins the room
[19:15:13] Bharath Meduri joins the room
[19:15:22] kivinen joins the room
[19:15:43] Yoav Nir joins the room
[19:15:47] paulwouters joins the room
[19:18:54] whatdafuq joins the room
[19:19:35] Dan Harkins joins the room
[19:20:43] David Waltermire joins the room
[19:21:39] <Yoav Nir> You can see the slides via meetecho, but identifying who's speaking is useful
[19:21:49] <paulwouters> agenda bashing
[19:22:16] <paulwouters> ekr (AD):
[19:23:22] <Yoav Nir> mic: yes, ipsecme-eddsa is in auth48
[19:23:48] <paulwouters> https://datatracker.ietf.org/meeting/102/materials/slides-102-ipsecme-chair-slides-01
[19:24:01] Satoru Kanno joins the room
[19:24:19] <paulwouters> tero: others in the same cluster aren't there yet
[19:26:55] <Yoav Nir> @tero: yes, just one missing: https://www.rfc-editor.org/cluster_info.php?cid=C321
[19:27:15] David Schinazi joins the room
[19:36:02] <paulwouters> https://datatracker.ietf.org/meeting/102/materials/slides-102-ipsecme-quantum-resistant-ikev2-00
[19:43:51] <paulwouters> tero:
[19:46:47] Oscar Garcia-Morchon joins the room
[19:49:12] <paulwouters> jonathan hammel: why the notify in IKE_INIT
[19:52:27] <paulwouters> Stanislav Smyshlyaev:
[19:55:07] <paulwouters> suggest security assessment of this draft to go to CFRG
[19:55:10] Abuzafor Rasal joins the room
[19:56:19] <paulwouters> https://datatracker.ietf.org/meeting/102/materials/slides-102-ipsecme-postquantum-ikev2-00
[20:02:22] <paulwouters> Valery Smyslov:
[20:03:17] <whatdafuq> @mic: pardon my ignorance but are all of the NIST QRC submissions request/response protocols, 2 messages, one from each, and done?
[20:06:54] <paulwouters> https://datatracker.ietf.org/meeting/102/materials/slides-102-ipsecme-esp-header-compression-00
[20:07:12] <paulwouters> oh switching presentations
[20:07:19] <paulwouters> https://datatracker.ietf.org/meeting/102/materials/slides-102-ipsecme-controller-ike-00
[20:08:55] Fernando Pereniguez-Garcia joins the room
[20:09:31] <kivinen> is the audio good?
[20:09:54] <Yoav Nir> Audio is fine
[20:12:55] <paulwouters> Quynh Dang
[20:13:50] <Yoav Nir> Should be said that the private-public DH keys are generated on the peers, not the controller
[20:14:39] <Yoav Nir> IF they can't talk peer-to-peer, what's the point?
[20:14:45] <Yoav Nir> Of course they can talk peer-to-peer
[20:14:59] <paulwouters> Eric Rescorla (ekr):
[20:15:44] <Yoav Nir> The communication between nodes and controller is usually TLS-protected
[20:15:54] <paulwouters> Tero:
[20:16:05] <Yoav Nir> This is pretty much option #1.5
[20:17:05] <paulwouters> ekr:
[20:17:22] <Yoav Nir> It's not "maintenance", but it is "extension"
[20:17:30] <paulwouters> Valery Smyslov:
[20:19:23] <paulwouters> Linda Dunbar:
[20:22:23] <paulwouters> Quynh Dang:
[20:24:15] <whatdafuq> this is the Otway-Rees/Wide Mouth Frog protocol but with public keys
[20:25:33] <paulwouters> ekr (AD):
[20:28:36] <Yoav Nir> Are we allowed to discuss SECRET IPsec packets in a publicly-recorded meeting?
[20:29:15] <Yoav Nir> Does Paul have the security clearance to discuss them?  :)
[20:30:18] Fernando Pereniguez-Garcia leaves the room
[20:30:57] <David Waltermire> Tommy, the two m
[20:31:16] <David Waltermire> the two mays in your new split-dns text should be in caps
[20:32:37] <David Waltermire> Same for the should in the following sentence.
[20:36:12] <paulwouters> https://datatracker.ietf.org/meeting/102/materials/slides-102-ipsecme-esp-header-compression-00
[20:36:49] Vukasin Karadzic leaves the room
[20:37:14] Oscar Garcia-Morchon leaves the room
[20:50:07] <Yoav Nir> AFAIK there is very little usage of anything beyond 4096-bit groups. I don't sense a need for 16K
[20:50:19] David Schinazi leaves the room
[20:52:06] <paulwouters> daniel van geest
[20:52:08] <Scott Fluhrer> +1
[20:52:43] <Yoav Nir> mic: I haven't heard anyone say they want this. I don't think anyone does. I think we should not do this.
[20:52:48] <Scott Fluhrer> Actually, the PPK draft (just made WGLC) does provide quantum security
[20:53:12] <paulwouters> actually scott does make a good point
[20:53:17] <Dan Harkins> I think he was talking about the KE payload stuff. No DH group does.
[20:55:19] <Yoav Nir> Good against a magic classical computer
[20:55:37] <Scott Fluhrer> :-)
[20:58:17] whatdafuq leaves the room
[20:58:23] Bharath Meduri leaves the room
[20:58:23] Graham Bartlett leaves the room
[20:58:23] Abuzafor Rasal leaves the room
[20:58:23] Dan Harkins leaves the room
[20:58:23] David Waltermire leaves the room
[20:58:23] Scott Fluhrer leaves the room
[20:58:23] Satoru Kanno leaves the room
[20:58:23] Yoav Nir leaves the room
[20:58:40] meetecho leaves the room
[20:59:01] paulwouters leaves the room
[21:00:01] kivinen leaves the room
[21:00:21] metricamerica leaves the room
[22:03:07] kivinen joins the room
[22:12:39] kivinen leaves the room