Hi all,
the draft's original goal was to provide a way for G-IKEv2 to make hassle-free use of PPK (in G-IKEv2 sensitive information is transferred at the time the initial IKE SA is created). However, the draft is not tied to G-IKEv2 and can be used with IKEv2 when you need initial IKE SA to be secured with PPK. The draft was presented at IETF 106: https://datatracker.ietf.org/meeting/106/materials/slides-106-ipsecme-an-alternative-approach-for-postquantum-preshared-keys-in-ikev 2-00 As the draft's author, I obviously will support its adoption if the adoption call is issued by the chairs. As someone who implemented it, I confirm that it's easy, given you have already implemented RFC 8784 and 9242. Regards, Valery. Greetings all, DoD has customers who are interested in incorporating a PSK into the initial IKEv2 SA. While RFC 8784 already defines a PSK mechanism, the PSK is not rolled into the encryption until creation of the first Child SA. On the other hand, Alternative Approach for Mixing Preshared Keys in IKEv2 for Post-Quantum Security (draft-smyslov-ipsecme-ikev2-qr-alt) proposes a mechanism for incorporating a PSK that leverages RFC 9242's Intermediate Exchange in order to enable use of the PSK prior to IKE_AUTH. While RFC 8784 is useful as an immediate post-quantum solution, the proposed mechanism in draft-smyslov-ipsecme-ikev2-qr-alt provides PSK-fortified confidentiality earlier in the IKEv2 exchanges, and is simple to implement (given existing support for RFC 9242). I support the adoption of this draft, and am willing to contribute as a reviewer. Would the WG be interested in adopting this draft? Rebecca Guthrie she/her Center for Cybersecurity Standards (CCSS) Cybersecurity Collaboration Center (CCC) National Security Agency (NSA)
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
