IETF
ipsecme@jabber.ietf.org
Thursday, March 28, 2019< ^ >
kivinen has set the subject to: IPsecME Meeting at IETF 104, Prague Thursday 2019-03-28 10:50-12:20
Room Configuration
Room Occupants

GMT+0
[09:39:23] Meetecho joins the room
[09:39:47] paulwouters joins the room
[09:41:14] <paulwouters> https://datatracker.ietf.org/meeting/104/materials/slides-104-ipsecme-chair-slides-04
[09:43:02] VirtualQueue_BFGk6iz2 joins the room
[09:45:09] Elias Summermatter joins the room
[09:45:09] Jan Henzi joins the room
[09:45:10] Antony Antony joins the room
[09:45:15] Jan Friedli joins the room
[09:45:18] Bharath Meduri joins the room
[09:46:37] synp joins the room
[09:49:53] kivinen joins the room
[09:49:56] Shubham Mamodiya joins the room
[09:50:21] synp joins the room
[09:50:28] <paulwouters> if you want me to go relay something, please prefix with mic:
[09:50:58] kaduk@jabber.org/barnowl joins the room
[09:51:08] Jan Henzi leaves the room
[09:51:09] Jan Henzi joins the room
[09:53:36] Lou Berger joins the room
[09:53:46] Jan Friedli leaves the room
[09:53:48] Jan Friedli joins the room
[09:53:57] <Lou Berger> looks like we have two jabbers...
[09:54:14] David Waltermire joins the room
[09:54:56] Stepan Broz joins the room
[09:57:28] <David Waltermire> @Lou Berger can you assist with notes, at least to make sure hums and action items are recorded?
[09:57:39] paulwouters leaves the room
[09:57:48] paulwouters joins the room
[09:57:56] <David Waltermire> @paulwouters is jabber scribing.
[09:58:19] <paulwouters> (but anyone feel free to chime in if/when I'm at the mic
[09:59:01] <paulwouters> tero is on the chair slides (despite this being a presentation)
[10:00:02] <paulwouters> draft-ietf-ipsecme-ipv6-ipv4-codes: which design does WG prefer ?
[10:00:13] Satoru Kanno joins the room
[10:00:38] <paulwouters> valerie:  do not use error notify. use status notification
[10:01:08] <paulwouters> valerie: minimize the number, tero's design is good. my design was also good.
[10:01:10] <Lou Berger> @David sure
[10:01:39] <paulwouters> tero: not enough people commenting. take back to the list
[10:02:00] <Lou Berger> slide 8: no clear consensus
[10:02:04] <paulwouters> Tero : work items
[10:02:13] <paulwouters> https://datatracker.ietf.org/meeting/104/materials/slides-104-ipsecme-intermediate-exchange-in-the-ikev2-00
[10:02:16] <paulwouters> intermediate exchange
[10:03:41] <synp> EITM - exchange in the middle
[10:04:43] Jan Henzi leaves the room
[10:05:45] <synp> Paul Wouters at the mic
[10:09:44] <paulwouters> Tommy Apple: 7296 is clear about msgid. no need to update 7296
[10:09:52] <paulwouters> tommy paul i mean :) :)
[10:09:59] <paulwouters> 9sorry for trumpism)
[10:10:16] <Lou Berger> funny slip...
[10:13:34] <paulwouters> Tero (individual):  INTERMEDIATE is a frame work.   [argues both sides]
[10:14:12] <paulwouters> tobias: you can but not have to use intermediate [?]
[10:14:23] <Lou Berger> Tero: too early for hum
[10:14:51] <paulwouters> Tero: talk to list more
[10:15:18] <paulwouters> tero: anyone objects to adopting?   [no one objects]
[10:15:20] <Lou Berger> Tero: does anyone have any objections (none seen on list) to making wg draft
[10:15:30] <Lou Berger> none
[10:15:30] <paulwouters> https://datatracker.ietf.org/meeting/104/materials/slides-104-ipsecme-post-quantum-key-exchanges-in-ikev2-00
[10:20:46] <Bharath Meduri> With respect to intermediate exchange any better ways need to think avoid DOS scenarios ? or just ratelimit ? any limit need to implement on how many intermediate exchanges can be allowed ?
[10:21:24] <paulwouters> Tero: Objects to the use of the new Transform Types
[10:21:51] paulwouters leaves the room
[10:25:24] paulwouters joins the room
[10:26:40] <paulwouters> Tero: why negotiate these for the initial SA? can be done in immediate rekey
[10:30:09] <paulwouters> Scott: transforms can have attributes. we could perhaps use it. Size of SA, I believe with inherit and/or logic, size would be reasonable
[10:30:16] <paulwouters> Tero: take this to the list
[10:38:08] <paulwouters> https://datatracker.ietf.org/meeting/104/materials/slides-104-ipsecme-an-implementors-view-on-hybrid-pqke-00
[10:38:42] <Lou Berger> - no explicit poll on previous presentation, will take it to the list (general su[pport in comments from room)
[10:44:16] <paulwouters> Valery: i have implemented it. create_child_sa is a bit challenging to implement. Putting all things in one message becomes very large and lose reliability because of great numbe rof fragments
[10:45:08] <paulwouters> Valery: if people DO want to use Mcelies keys. it is not an optimal way but doable.
[10:45:35] <paulwouters> Tobias: still think this is not the optimal solution.
[10:46:13] <paulwouters> tobias: we can do mcalies in another document
[10:47:13] <paulwouters> https://datatracker.ietf.org/meeting/104/materials/slides-104-ipsecme-pqc-for-ikev2-in-strongswan-00
[10:47:58] Simon Pietro Romano joins the room
[10:48:18] Antony Antony leaves the room
[10:50:22] <paulwouters> Tobias: maybe we can do a hackathon with these 3-4 implementations
[10:50:42] <paulwouters> https://datatracker.ietf.org/meeting/104/materials/slides-104-ipsecme-esp-header-compression-and-diet-esp-00
[11:01:41] <Lou Berger> Tero: discuss on list (no poll)
[11:02:43] <Lou Berger> https://datatracker.ietf.org/meeting/104/materials/slides-104-ipsecme-labeled-ipsec-00
[11:05:02] <Lou Berger> https://datatracker.ietf.org/meeting/104/materials/slides-104-ipsecme-ikev1-graveyard-00
[11:12:11] <Bharath Meduri> Agreed the idea to deprecate ikev1 but still there are many actual deployments for ikev1 in real world so it takes little pain to convince the customers  :)
[11:17:30] <kivinen> I think one of the idea of this document was to allow vendors to point to RFC saying that IKEv1 is really obsoleted, not to modify the status of IKEv1 (it is already obsoleted).
[11:23:21] kivinen leaves the room
[11:23:47] Elias Summermatter leaves the room
[11:23:48] Stepan Broz leaves the room
[11:23:48] Simon Pietro Romano leaves the room
[11:23:48] Bharath Meduri leaves the room
[11:23:48] Jan Friedli leaves the room
[11:23:48] David Waltermire leaves the room
[11:23:48] Shubham Mamodiya leaves the room
[11:23:48] Satoru Kanno leaves the room
[11:24:12] Meetecho leaves the room
[11:25:37] VirtualQueue_BFGk6iz2 leaves the room
[11:30:51] Lou Berger leaves the room
[11:31:51] paulwouters leaves the room
[11:55:44] synp leaves the room
[12:00:59] Lou Berger joins the room
[12:32:59] synp joins the room
[12:32:59] synp leaves the room
[12:40:52] Lou Berger leaves the room
[12:52:34] Lou Berger joins the room
[13:10:20] paulwouters joins the room
[13:46:51] paulwouters leaves the room
[13:51:51] synp joins the room
[14:10:55] paulwouters joins the room
[14:22:38] synp leaves the room
[14:54:35] Lou Berger leaves the room
[15:01:52] paulwouters leaves the room
[15:07:40] synp joins the room
[15:07:45] synp leaves the room
[16:10:05] synp joins the room
[16:10:05] synp leaves the room
[16:18:06] synp joins the room
[16:18:12] synp leaves the room
[16:18:43] synp joins the room
[16:18:49] synp leaves the room
[16:24:36] synp joins the room
[16:24:49] synp leaves the room
[16:27:52] synp joins the room
[16:28:01] synp leaves the room
[16:34:48] synp joins the room
[16:34:59] synp leaves the room
[16:40:16] synp leaves the room
[16:40:20] synp joins the room
[21:53:41] paulwouters joins the room
[22:06:23] paulwouters leaves the room
Powered by ejabberd - robust, scalable and extensible XMPP server Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!