**Session Date/Time:** 18 Mar 2025 06:00

# ipsecme

## Summary

The ipsecme working group meeting covered several topics, including the charter status, adoption calls, and presentations on various drafts. Discussions included a new ESP proposal (EESP), IKEv2 negotiation for EESP, optimized rekeying in IKEv2, post-quantum cryptography in IKEv2, and a security approach for multi-segment SD-WAN. Several drafts are being considered for working group adoption.

## Key Discussion Points

* **Charter Status:** The working group has been re-chartered since February.
* **EESP (Enhanced ESP):**
  * Discussed the need for a new ESP due to limitations in the original protocol.
  * Highlighted requirements such as performance in hardware and software, parallel processing, and co-existence with ESP.
  * Hardware implementers provided feedback on TLV structures and the need for a common base protocol.
  * Debate on whether EESP duplicates functionality that already exists in ESP.
* **IKEv2 Negotiation for EESP:**
  * Framework for negotiating EESP features (versioning, sub-SAs, sequence numbers) in IKEv2.
  * Defines a new security protocol in IKEv2 for each version of EESP.
  * Discussion around the KDFs used for sub-SA key derivation.
* **PECC (Post-quantum Elliptic Curve Cryptography) Updates:**
  * Proposed a method for using variable-length output PRFs (like KMAC) in IKEv2.
  * Suggestion to rename the "PRF" registry to "KDF" to better reflect its usage.
* **Optimized Rekeying in IKEv2:**
  * Discussion on handling PFS and key methods for the initial child SA.
  * Several options were presented, including regular rekeying, guessing based on configuration, and partial configuration detection.
  * Concerns raised about incompatibility with multiple key exchanges.
* **Child PFS Info:**
  * Discussed a draft that adds the KE payload in a notify message to convey initial child SA information.
  * Presented a structure defining the KE type, the KE algorithm, and whether it is required for the child SA.
* **Delete Info:**
  * A delete info notify message is sent to indicate why an SA is being deleted.
  * Controversy around including the text field and the downtime timer.
* **Post-Quantum KEM for IKEv2:**
  * Presented results of experiments using FrodoKEM.
  * Concerns were raised about the large number of code points requested and whether all variants were necessary.
* **KEM-Based Authentication for IKEv2:**
  * Proposed a new authentication method for IKEv2 using a KEM (Key Encapsulation Mechanism).
  * Discussion on potential security considerations and complexity compared to signature-based authentication.
* **ML-KEM (Module Lattice-based KEM) for IKEv2:**
  * Draft proposing ML-KEM as a key exchange mechanism in IKEv2.
  * Addresses the final step of post-quantum key exchange.
  * It was noted that IANA code points have already been assigned and the draft is ready for adoption.
* **Likely Egress Selection Method for Encapsulated Network Segments:**
  * Proposed the likely egress selection method for encapsulated network segments.
  * Key management for the mechanism was discussed, including HMAC and key establishment.
  * Considered the use of shorter Edge MAC values.

## Decisions and Action Items

* **EESP:** A working group adoption call will be scheduled after further review. Discussions on specific features and potential simplifications will continue on the mailing list.
* **IKEv2 Negotiation for EESP:** A working group adoption call will be scheduled.
* **PECC (Post-quantum Elliptic Curve Cryptography) Updates:** A working group adoption call will be scheduled.
* **Optimized Rekeying in IKEv2:** The authors will revisit the draft and consider simplifying it, recommending fallback to regular rekeying if optimized rekeying fails.
* **Delete Info:** The author will take the discussion to the mailing list for further feedback, particularly regarding the text field and the downtime timer.
* **Post-Quantum KEM for IKEv2:** The authors will consider reducing the number of code points requested. A working group adoption call will be scheduled.
* **ML-KEM for IKEv2:** A working group adoption call will be scheduled.
* **Likely Egress Selection Method for Encapsulated Network Segments:** The author will explore key generation based on IPsec keys.

## Next Steps

* Schedule adoption calls for EESP, IKEv2 Negotiation for EESP, PECC, and ML-KEM once the other outstanding adoption calls have completed.
* Continue discussions on the mailing list for all presented drafts, focusing on open issues and potential simplifications.
* Authors to update their drafts based on meeting feedback and prepare them for working group adoption.