[IPsec] Roman Danyliw's No Objection on draft-ietf-ipsecme-qr-ikev2-10: (with COMMENT)
Roman Danyliw via Datatracker <noreply@ietf.org> Wed, 08 January 2020 13:22 UTC
From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-ipsecme-qr-ikev2@ietf.org, David Waltermire <david.waltermire@nist.gov>, ipsecme-chairs@ietf.org, david.waltermire@nist.gov, ipsec@ietf.org
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <157848972183.22539.2744332616397571958.idtracker@ietfa.amsl.com>
Date: Wed, 08 Jan 2020 05:22:01 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/9qgmgm-jiZs_lGSeGjsjWqNzneQ>
Subject: [IPsec] Roman Danyliw's No Objection on draft-ietf-ipsecme-qr-ikev2-10: (with COMMENT)

Roman Danyliw has entered the following ballot position for
draft-ietf-ipsecme-qr-ikev2-10: No Objection

When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-ipsecme-qr-ikev2/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

These are all editorial.

** Section 1. Per “Recent achievements in developing quantum computers …”, is there a citation?

** Section 1. Per:

   If the preshared key has sufficient entropy and the PRF, encryption and authentication transforms are quantum-secure, then the resulting system is believed to be quantum resistant, that is, invulnerable to an attacker with a quantum computer.

-- The definition of quantum resistant doesn’t seem exactly precise. A quantum-resistant algorithm isn’t “invulnerable to an attacker with a quantum computer”, rather isn’t it instead no easier to attack than with known classical architectures?

-- The first clause says the underlying primitives are quantum-secure, but then says that this translated into something being quantum-resistant. I found it confusing to mix both terms (which sometimes are used interchangeably).

** Section 1. Per “This document describes a way to extend IKEv2 to have a similar property; assuming that the two end systems share a long secret key then the resulting exchange is quantum resistant.”, I stumbled over this language a bit because I wasn’t sure which property you were referencing – was it the list of things in the previous paragraph’s last sentence that made it “quantum-secure”?

** Section 3. Per the description of modified IKEv2 key derivation:

-- Recommend explicitly citing the relevant section:

OLD:
   Then, it computes this modification of the standard IKEv2 key derivation:

NEW:
   Then, it computes this modification of the standard IKEv2 key derivation from Section 2.14 of [RFC7296]:

-- Recommend explaining the notation/relationship between the “prime versions” of the sub-keys (i.e., SK_d’ and SK_pi’ and SK_pr’) in this SKEYSEED formula with the SKEYSEED formula in Section 2.14 of [RFC7296].

** Editorial Nits:

-- Section 1. Editorial. s/this note/this document/ -- trying to be consistent on how the I-D references itself.

-- Section 4. Editorial. Recommended clarity:

OLD:
   This will not affect the strength against a passive attacker; it would mean that an attacker with a quantum computer (which is sufficiently fast to be able to break the (EC)DH in real time) would not be able to perform a downgrade attack.

NEW:
   This will not alter the resistance to a passive attack as even an attacker with a quantum computer (which is sufficiently fast to be able to break the (EC)DH in real time) would not be able to perform a downgrade attack.

-- Section 5.2.3. Typo. s/Addtionally/Additionally/

-- Section 6. Typo. s/transmited/transmitted/