Hi, David, On Wed, Oct 25, 2017 at 3:52 PM, Black, David <david.bl...@dell.com> wrote:
> Hi Spencer, > > > Also for my benefit, but somewhat more worrying - is the working group > fairly > > confident that a specifying second MTI key management scheme will be > possible > > at some point, that does not trip over the problems described in > [nist-ecc] and > > can be implemented in kernels, or is conforming to the guidance in > [RFC7696] > > going to be problematic? I see Mirja mentioned SEC discussions about > only one > > MTI key management mechanism being chosen now, but my question is a > little > > different - I'm asking if the situation is likely to improve anytime > soon. > > Short answer: Yes. > > Longer answer: See https://www.ietf.org/mail-archive/web/tcpinc/current/ > msg01363.html > > The draft will be revised to reflect the contents of that message, > including a "SHOULD" requirement for a second key exchange mechanism that > is not based on a NIST curve. This approach has been checked with the > Security ADs, and they're OK with it. Fabulous. Spencer
_______________________________________________ Tcpinc mailing list Tcpinc@ietf.org https://www.ietf.org/mailman/listinfo/tcpinc
