Hi, a new version (-03) of the QSKE draft is published. It contains quite a lot of changes from the -02 version:
1. Negotiation method is changed to standard (via new Transform Types in SA payload) 2. Using multiple key exchanges in the CREATE_CHILD_SA exchange is addressed 3. "IKE_AUX" is changed to "INTERMEDIATE" (to align with the draft-smyslov-ipsecme-ikev2-aux-02) 4. IANA considerations section is added 5. Temporary IDs for PQ KE methods (using VendorID) are removed Please, review the draft. Some issues have already been discussed and the changes reflect the WG consensus, some are new and the text reflects only the authors' current opinion. Regards, Valery (for the authors) > A new version of I-D, draft-tjhai-ipsecme-hybrid-qske-ikev2-03.txt > has been successfully submitted by C. Tjhai and posted to the > IETF repository. > > Name: draft-tjhai-ipsecme-hybrid-qske-ikev2 > Revision: 03 > Title: Framework to Integrate Post-quantum Key Exchanges into > Internet Key Exchange Protocol > Version 2 (IKEv2) > Document date: 2019-01-14 > Group: Individual Submission > Pages: 19 > URL: > https://www.ietf.org/internet-drafts/draft-tjhai-ipsecme-hybrid-qske-ikev2-03.txt > Status: > https://datatracker.ietf.org/doc/draft-tjhai-ipsecme-hybrid-qske-ikev2/ > Htmlized: > https://tools.ietf.org/html/draft-tjhai-ipsecme-hybrid-qske-ikev2-03 > Htmlized: > https://datatracker.ietf.org/doc/html/draft-tjhai-ipsecme-hybrid-qske-ikev2 > Diff: > https://www.ietf.org/rfcdiff?url2=draft-tjhai-ipsecme-hybrid-qske-ikev2-03 > > Abstract: > This document describes how to extend Internet Key Exchange Protocol > Version 2 (IKEv2) so that the shared secret exchanged between peers > has resistance against quantum computer attacks. The basic idea is > to exchange one or more post-quantum key exchange payloads in > conjunction with the existing (Elliptic Curve) Diffie-Hellman > payload. > > > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > The IETF Secretariat _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
