I have read draft-wang-ipsecme-hybrid-kem-ikev2-frodo-03. I support adoption. I am not sure the WG has a clear overall strategy.
I haven't done a detailed comparison to the ipsecme-ikev2-mlkem document.
If we are going to have a document-per-major algorithm, then I would like to
suggest that they have very similiar table of contents.
I also don't think we need so much motherhood text in the introduction of
either document. (Surely CFRG or PQUIP documents that say it all)
From what I understand, both mlkem and frodo-kem will first do a
quantum-vulnerable (I like to call them "DISCO era" rather than "legacy")
exchange. {I think the use of the term "regular key exchange" is wrong}
Then they use IKE_INTERMEDIATE in order to be able to transport the bigger
keys/key agreements.
Neither document has any test vectors that I could see.
I guess they will be big :-(
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ IPsec mailing list -- [email protected] To unsubscribe send an email to [email protected]
