IETF Logo Mail Archive

Re: [IPsec] New Version Notification for draft-tjhai-ipsecme-hybrid-qske-ikev2-03.txt

Tobias Heider <heidert@nm.ifi.lmu.de> Thu, 28 March 2019 16:09 UTC

Return-Path: <heidert@nm.ifi.lmu.de>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BC49C1204E5; Thu, 28 Mar 2019 09:09:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d0x-BxkCmE8W; Thu, 28 Mar 2019 09:09:06 -0700 (PDT)
Received: from acheron.ifi.lmu.de (acheron.ifi.lmu.de [IPv6:2001:4ca0:4000:1:129:187:214:135]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03AE31202D6; Thu, 28 Mar 2019 09:09:06 -0700 (PDT)
Received: from [IPv6:2001:67c:1232:144:e08f:7ce8:fb50:addb] (unknown [IPv6:2001:67c:1232:144:e08f:7ce8:fb50:addb]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: heidert) by acheron.ifi.lmu.de (Postfix) with ESMTPSA id C6F1E35CC2F; Thu, 28 Mar 2019 17:09:03 +0100 (CET)
To: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
Cc: Tobias Guggemos <guggemos@nm.ifi.lmu.de>, IPsecME WG <ipsec@ietf.org>, "draft-tjhai-ipsecme-hybrid-qske-ikev2@ietf.org" <draft-tjhai-ipsecme-hybrid-qske-ikev2@ietf.org>, "stefan@gazdag.de" <stefan@gazdag.de>
References: <154748799416.9552.17299073748247797491.idtracker@ietfa.amsl.com> <000101d4ad6b$4a790ca0$df6b25e0$@gmail.com> <13654392-83f1-6995-6ca5-f72b2b0be7eb@nm.ifi.lmu.de> <f1510df032fb4588be527ee0f0871d35@XCH-ALN-010.cisco.com> <001501d4e541$6b1af230$4150d690$@nm.ifi.lmu.de> <9a64907bac864d238e81d0d3dcf4c4bb@XCH-ALN-010.cisco.com>
From: Tobias Heider <heidert@nm.ifi.lmu.de>
Message-ID: <43644e2e-db7e-78da-0baf-0f26c7668d70@nm.ifi.lmu.de>
Date: Thu, 28 Mar 2019 17:09:03 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.5.3
MIME-Version: 1.0
In-Reply-To: <9a64907bac864d238e81d0d3dcf4c4bb@XCH-ALN-010.cisco.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Content-Language: en-US-large
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/HV3CBYnNIpJXpY7Tl-LcHCPLDuc>
Subject: Re: [IPsec] New Version Notification for draft-tjhai-ipsecme-hybrid-qske-ikev2-03.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2019 16:09:09 -0000

On 3/28/19 2:19 PM, Panos Kampanakis (pkampana) wrote:
> Thanks Tobias, Valery and Stefan. 
>
> Imo Classic McEliece is impractical for use in live key negotiations in protocols like TLS, IKE, SSH etc. NIST will standardize more practical and secure postquantum KEMs and the added complexity for McEliece is not necessary. I understand that others might want McEliece because they trust it more. In that case, I suggest the mechanism described in #6 to be a "MAY" in the draft. 
>
> Panos
Hi Panos,

as this draft does not specify any new key exchange methods I would not
include it in this document at all.
Best would probably be in a eventual future draft that also introduces
McEliece
and/or NTS-KEM transform ID for use with IKEv2.

Regards,
Tobias

v2.23.0 | Report a Bug | By Email