On 4 Jul 2016, at 12:44 PM, Paul Wouters <p...@nohats.ca> wrote:

> On Sun, 3 Jul 2016, Yoav Nir wrote:
> 
>>> 3) The Internet Draft currently under consideration is not the best 
>>> starting point as it assumes that post-quantum pre-shared keys are the 
>>> preferred solution for quantum resistance. This is not obviously the case; 
>>> there are a number of drawbacks with the suggested system:
>> 
>> I think this misstates the problem that the draft is trying to solve. The 
>> draft is not a solution to the problem of authenticating peers in a world 
>> where adversaries have quantum computers. The draft is a solution to the 
>> problem of authenticating peers *using pre-shared keys* in such a world. 
>> There may be different solutions for authenticating peers with other 
>> credentials.
> 
> That was not clear to me when we were asking for adoption of the
> document. In one way, I have fewer issues with it if the document
> can clearly state that is the scope of it. On the other hand, we
> might want to have a discussion about the security of PSK in general,
> and whether the method deserves to be obsoleted completely because
> of its continued weak deployments (e.g. see Snowden leaks)

We can have that discussion. Or we can resign ourselves to designing protocols 
to fill requirements imposed by other people.

Yoav

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
