Warren Kumari has entered the following ballot position for draft-ietf-ipsecme-ikev2-multiple-ke-10: No Objection
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-multiple-ke/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thank you for writing this document (and also making it easy for someone like me to understand :-)) Also thanks to Geoff Huston for his DNSDOR review (https://datatracker.ietf.org/doc/review-ietf-ipsecme-ikev2-multiple-ke-07-dnsdir-lc-huston-2022-10-10/) I have a few non-blocking comments -- feel free to address them or not. I think that moving Section 2, Bullet 2 towards to top of the document would help the reader better understand why this document exists... 1: "While solving such a problem remains difficult with current computing power, it is believed that general purpose quantum computers will be able to solve this problem, implying that the security of IKEv2 is compromised." 'solving such a problem remains difficult with current computing power' implies that they *can* be solved with current computing power, while 'it is *believed* that general purpose quantum computers will be able to solve this problem' implies that quantum only *might* be able to solve them...this makes it sound like quantum machines are less of a concern than current ones :-). Perhaps 'general purpose quantum computers will *easily* be able to solve this problem'? Or 'solving such a problem is infeasible with current computing power'? (handwaving away trivial parameters) My suggestion isn't great, but hopefully I've managed to explain my concern? 2: Design Criteria - 3) Focus on post-quantum confidentiality. I understand what this is trying to say, but it feels very disjointed. I don't really have any suggested test to fix it, but just dropping the last sentence (or folding it into an earlier one) would make it much much easier to read. _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
