Hi Alissa, > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > I think this document should formally update RFC 7296. Was that discussed > in the WG?
I don't think it is necessary. This document defines an extension to IKEv2, which is negotiated by means of exchange of notifications (a "de facto" standard negotiation mechanism in IKEv2), so it doesn't change anything defined in RFC7296. An application compliant with RFC7296 will remain compliant after this specification is (hopefully) be published as RFC. We have a lot of extensions to IKEv2 defined they didn't update RFC7296. > I think the citation for [NISTPQCFP] should link to the actual call for > proposals. I'll let Panos or Scott comment on it. > Section 6: > > "In addition, the policy SHOULD be set to negotiate only quantum- > resistant symmetric algorithms; while this RFC doesn't claim to give > advice as to what algorithms are secure (as that may change based on > future cryptographical results), below is a list of defined IKEv2 and > IPsec algorithms that should not be used, as they are known to > provide less than 128 bits of post-quantum security" > > This paragraph mixes normative SHOULD with non-normative "should not" > in the > same paragraph. I was wondering if that is intentional. I think that it's OK here (because the first SHOULD is normative, while the second is just an advise of what algorithms are not secure from current cryptographers point of view). Regards, Valery. _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
