Re: [IPsec] Further thoughts on draft-flutter-qr-ikev2 as an IPsecME WG document
Paul Wouters <paul@nohats.ca> Mon, 04 July 2016 09:48 UTC
Return-Path: <paul@nohats.ca>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B8D0012B040 for <ipsec@ietfa.amsl.com>; Mon, 4 Jul 2016 02:48:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.526
X-Spam-Level:
X-Spam-Status: No, score=-2.526 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_ALL=0.8, RP_MATCHES_RCVD=-1.426] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P2RK9ViiLs6C for <ipsec@ietfa.amsl.com>; Mon, 4 Jul 2016 02:48:46 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [IPv6:2a03:6000:1004:1::68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC02212B03A for <ipsec@ietf.org>; Mon, 4 Jul 2016 02:48:45 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3rjhzc4fppz1Hs; Mon, 4 Jul 2016 11:48:44 +0200 (CEST)
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id 2WX9gdOfxqNH; Mon, 4 Jul 2016 11:48:43 +0200 (CEST)
Received: from bofh.nohats.ca (206-248-139-105.dsl.teksavvy.com [206.248.139.105]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Mon, 4 Jul 2016 11:48:43 +0200 (CEST)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id 51CDD45C46F; Mon, 4 Jul 2016 05:48:42 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.10.3 bofh.nohats.ca 51CDD45C46F
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 2F697406B152; Mon, 4 Jul 2016 05:48:42 -0400 (EDT)
Date: Mon, 04 Jul 2016 05:48:41 -0400
From: Paul Wouters <paul@nohats.ca>
To: Paul Hoffman <paul.hoffman@vpnc.org>
In-Reply-To: <8D922896-8B9D-4A8C-A2E9-81646D620715@vpnc.org>
Message-ID: <alpine.LRH.2.20.1607040545500.19634@bofh.nohats.ca>
References: <94FBAD9A-C67D-4B42-BD1B-B6DBACC945C5@icc-uk.com> <985E4A9D-D5BD-430B-BCCC-BE64F804E2AA@nohats.ca> <8D922896-8B9D-4A8C-A2E9-81646D620715@vpnc.org>
User-Agent: Alpine 2.20 (LRH 67 2015-01-07)
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="US-ASCII"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/fwSsv4zm_Fb2QZm2JaTyshVIu2o>
Cc: "ipsec@ietf.org" <ipsec@ietf.org>, Mark McFadden <MarkMcFadden@icc-uk.com>
Subject: Re: [IPsec] Further thoughts on draft-flutter-qr-ikev2 as an IPsecME WG document
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Jul 2016 09:48:48 -0000
On Sun, 3 Jul 2016, Paul Hoffman wrote: > On 3 Jul 2016, at 11:32, Paul Wouters wrote: > >> > On Jul 3, 2016, at 21:08, Mark McFadden <MarkMcFadden@icc-uk.com> wrote: >> > >> > A number of quantum-resistant asymmetric public key algorithms have been >> > proposed, e.g. NTRU, NewHope, McEliece, Super-singular isogeny >> > Diffie-Hellman. >> >> I thought NTRU was patent encumbered? Is that still the case? How about >> the others you mention? >> >> I agree asking CFRG for help would be a wise decision. > > Isn't this kinda off-topic for the thread? I though we were first considering > "create an IKEv2 extension that mixes in the PSK" as the simplest way to get > around the "go back to IKEv1" guidance. So that was not entire clear to me from the title, but it seems you are right. Perhaps we can change the title from: Postquantum Preshared Keys for IKEv2 to: Postquantum protection for IKEv2 Preshared Keys SA's The original title to me reads like a "new feature" instead of like a "fix for old feature". Paul
- Re: [IPsec] Further thoughts on draft-flutter-qr-… Tommy Pauly
- Re: [IPsec] Further thoughts on draft-flutter-qr-… Paul Wouters
- Re: [IPsec] Further thoughts on draft-flutter-qr-… Scott Fluhrer (sfluhrer)
- Re: [IPsec] Further thoughts on draft-flutter-qr-… Valery Smyslov
- Re: [IPsec] Further thoughts on draft-flutter-qr-… Paul Wouters
- Re: [IPsec] Further thoughts on draft-flutter-qr-… Valery Smyslov
- Re: [IPsec] Further thoughts on draft-flutter-qr-… Yoav Nir
- Re: [IPsec] Further thoughts on draft-flutter-qr-… Paul Wouters
- Re: [IPsec] Further thoughts on draft-flutter-qr-… Paul Wouters
- Re: [IPsec] Further thoughts on draft-flutter-qr-… Yoav Nir
- Re: [IPsec] Further thoughts on draft-flutter-qr-… Paul Hoffman
- Re: [IPsec] Further thoughts on draft-flutter-qr-… Paul Wouters
- [IPsec] Further thoughts on draft-flutter-qr-ikev… Mark McFadden