Re: [IPsec] Comment on draft-kampanakis-ml-kem-ikev2

"Kampanakis, Panos" <> Tue, 20 February 2024 04:25 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 1E9DAC14F600 for <>; Mon, 19 Feb 2024 20:25:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.402
X-Spam-Status: No, score=-4.402 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, UNPARSEABLE_RELAY=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 7IMpQ61upe_8 for <>; Mon, 19 Feb 2024 20:25:46 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 29B6EC14F5E5 for <>; Mon, 19 Feb 2024 20:25:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;;; q=dns/txt; s=amazon201209; t=1708403146; x=1739939146; h=from:to:cc:date:message-id:references:in-reply-to: mime-version:subject; bh=He9FyJiN2XLC9tkvO8QdsR5LDV/X63HtXYSvMM162U0=; b=O+NNUHKyvJBqNclUA8h9UZMutI/Rkmhp3DCx6Lxp7NZ43hnVPH4ybbE9 /sh1QR5N5hiZIlztJueUOJFrw+S4kvQkxopxzNHv3xTTtiRDNILiY1OX4 n59bbSuYNqTC+zSgtK+kfFw7ylb4F+uVtWEPFJksvDaV4nbeCInQGevhc k=;
X-IronPort-AV: E=Sophos;i="6.06,171,1705363200"; d="scan'208,217";a="327956897"
Thread-Topic: [IPsec] Comment on draft-kampanakis-ml-kem-ikev2
Received: from (HELO ([]) by with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Feb 2024 04:25:40 +0000
Received: from [] by [] with esmtp (Farcaster) id c70ffbd9-5228-4d88-83e3-5bae007fe52c; Tue, 20 Feb 2024 04:25:39 +0000 (UTC)
X-Farcaster-Flow-ID: c70ffbd9-5228-4d88-83e3-5bae007fe52c
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.40; Tue, 20 Feb 2024 04:25:32 +0000
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.40; Tue, 20 Feb 2024 04:25:31 +0000
Received: from ([fe80::4f78:75cd:3117:8055]) by ([fe80::4f78:75cd:3117:8055%5]) with mapi id 15.02.1258.028; Tue, 20 Feb 2024 04:25:29 +0000
From: "Kampanakis, Panos" <>
To: "Bruckert, Leonie" <>, "" <>
CC: "Ravago, Gerardo" <>
Thread-Index: AdpTbguY61E/A+nBR8OJo8KotVdreQN70r7A
Date: Tue, 20 Feb 2024 04:25:29 +0000
Message-ID: <>
References: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_06388b41ec254b299cf878c7bad37090amazoncom_"
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [IPsec] Comment on draft-kampanakis-ml-kem-ikev2
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion of IPsec protocols <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 20 Feb 2024 04:25:50 -0000

Hi Leonie,

I am circling back. I updated the terminology in the just submitted the -02 version.

Thank you for the suggestion about draft-ietf-pquip-pqt-hybrid-terminology.

Hopefully IPSECME will discuss this draft in Brisbane.

From: IPsec <> On Behalf Of Bruckert, Leonie
Sent: Tuesday, January 30, 2024 6:40 AM
Subject: [EXTERNAL] [IPsec] Comment on draft-kampanakis-ml-kem-ikev2

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.

Thanks for setting up this draft!

Have you considered to align terminology with draft-ietf-pquip-pqt-hybrid-terminology? It defines a "PQ/T Hybrid Key Encapsulation Mechanism" as a "multi-algorithm KEM made up of two or more component KEM algorithms where at least one is a post-quantum algorithm and at least one is a traditional algorithm". This definition may not perfectly match how a hybrid KEM is done in IKEv2 as it is a sequential approach. However, I think it would be good to have a reference to the terminology draft.