Behcet Sarikaya writes: > >> Why has RSA been kept? > > > > Raw RSA keys is listed in the Appendix B. Useful Optional Features > > because I do think that is going to be the most commonly used > > authentication method. When my raw public keys draft is going forward > > in the ipsecme wg, I think that will also be included in the appendix. > > > > Support. > > > Pre-shared keys has the problem that they do not scale, and in most of > > the internet of things like setups you cannot really use pre-shared > > keys. Using raw public keys solves the scalability problem, but does > > not involve the certificate validation issues. > > What about ECC instead of RSA?
That has to wait for my draft-kivinen-ipsecme-oob-pubkey to go forward. When I get that one ready I can update the minimal document to refer to that in addition to raw rsa public keys. Current IKEv2 only supports raw RSA keys, so raw ECC keys do require more specification. -- [email protected] _______________________________________________ Lwip mailing list [email protected] https://www.ietf.org/mailman/listinfo/lwip
