Re: [secdir] Secdir last call review of draft-ietf-ipsecme-qr-ikev2-09
Uri Blumenthal <uri@mit.edu> Wed, 25 December 2019 11:57 UTC
From: Uri Blumenthal <uri@mit.edu>
To: Valery Smyslov <svan@elvis.ru>
CC: Watson Ladd <watsonbladd@gmail.com>, "ipsec@ietf.org" <ipsec@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "draft-ietf-ipsecme-qr-ikev2.all@ietf.org" <draft-ietf-ipsecme-qr-ikev2.all@ietf.org>, secdir <secdir@ietf.org>
Date: Wed, 25 Dec 2019 11:57:32 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/VSANULneTzcJXu3AywO2HnTwUdU>

NIST standards are mandatory for a subset of US citizens. But enough businesses outside the US pay attention to what NIST says to make adding the reference relevant and useful.

> On Dec 25, 2019, at 01:52, Valery Smyslov <svan@elvis.ru> wrote:
>
> Hi Watson,
>
> thank you for spending your time on this review on Christmas Eve.
>
> The capitalization issue has already been noticed and fixed.
>
> I’m not sure the draft should mention NIST levels, because
> they are relevant mostly for US customers. I think that
> generic recommendations on key sizes are more appropriate
> for this document.
>
> Regards,
> Valery.
>
> Damn misclick. I meant With Nits.
>
> On Tue, Dec 24, 2019 at 8:02 PM Watson Ladd via Datatracker <noreply@ietf.org> wrote:
> Reviewer: Watson Ladd
> Review result: Not Ready
>
> Twas the night before Christmas
> when all through the house
> someone was desperately trying to get a review done on time.
>
> I didn't see anything wrong per se in the draft itself, but I found the
> capitalization of quantum computer an odd choice. IKEv2 is a complicated
> protocol, and I am not 100% sure that this draft does what we want it to: It
> would be great if someone could check very carefully in some symbolic model,
> ala what has been done in TLS. The guidance on sizes seems to rule out NIST
> level 1, but not any higher levels: might be worth calling out this explicitly.
>
> _______________________________________________
> secdir mailing list
> secdir@ietf.org
> https://www.ietf.org/mailman/listinfo/secdir
> wiki: http://tools.ietf.org/area/sec/trac/wiki/SecDirReview
>
> --
> "Man is born free, but everywhere he is in chains".
> --Rousseau.