On Mon, 4 Jul 2016, Scott Fluhrer (sfluhrer) wrote:
Actually, the draft is a bolt-on to existing authentication methods;
You might object "how is this different from a having a possibly global
authentication key";
Because of this, it wouldn't appear to be advisable to wait for the full
> -Original Message-
> From: IPsec [mailto:ipsec-boun...@ietf.org] On Behalf Of Paul Wouters
> Sent: Monday, July 04, 2016 5:44 AM
> To: Yoav Nir
> Cc: ipsec@ietf.org; Mark McFadden
> Subject: Re: [IPsec] Further thoughts on draft-flutter-qr-ikev2 as an IPsecME
> WG document
>
> On Sun,
The draft provides postquantum protection to any SA, regardless
of the authentication methods used. In other words, PPKs (as specified in the
draft)
don't replace preshred keys authentication in IKEv2, they augment
any authentication method to provide postquantum security.
The original title
On Mon, 4 Jul 2016, Valery Smyslov wrote:
> Isn't this kinda off-topic for the thread? I though we were first
> considering "create an IKEv2 extension that mixes in the PSK" as the
> simplest way to get around the "go back to IKEv1" guidance.
So that was not entire clear to me from the
Hi Paul,
Isn't this kinda off-topic for the thread? I though we were first considering
"create an IKEv2 extension that mixes in the PSK" as the simplest way to get
around the "go back to IKEv1" guidance.
So that was not entire clear to me from the title, but it seems you are
right.
Perhaps
On 4 Jul 2016, at 12:44 PM, Paul Wouters wrote:
> On Sun, 3 Jul 2016, Yoav Nir wrote:
>
>>> 3) The Internet Draft Currently under consideration is not the best
>>> starting point as it assumes that post-quantum pre-shared keys are the
>>> preferred solution for quantum
On Sun, 3 Jul 2016, Paul Hoffman wrote:
On 3 Jul 2016, at 11:32, Paul Wouters wrote:
> On Jul 3, 2016, at 21:08, Mark McFadden wrote:
>
> A number of quantum-resistant asymmetric public key algorithms have been
> proposed, e.g. NTRU, NewHope, McEliece,
On Sun, 3 Jul 2016, Yoav Nir wrote:
3) The Internet Draft Currently under consideration is not the best starting
point as it assumes that post-quantum pre-shared keys are the preferred
solution for quantum resistance. This is not obviously the case; there are a
number of drawbacks with the