The IESG has received a request from the IP Security Maintenance and
Extensions WG (ipsecme) to consider the following document: - 'Signature
Authentication in the Internet Key Exchange Version 2
   (IKEv2) using PQC'
  <draft-ietf-ipsecme-ikev2-pqc-auth-09.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
[email protected] mailing lists by 2026-07-31. Exceptionally, comments may
be sent to [email protected] instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.

Abstract


   Signature-based authentication methods are utilized in the Internet
   Key Exchange Version 2 (IKEv2).  The current version of the IKEv2
   protocol, specified in RFC 7296, supports traditional digital
   signatures.

   This document specifies a generic mechanism for integrating post-
   quantum cryptographic (PQC) digital signature algorithms into the
   IKEv2 protocol.  The approach allows for seamless inclusion of any
   PQC signature scheme within the existing authentication framework of
   IKEv2.  Additionally, it outlines how Module-Lattice-Based Digital
   Signatures (ML-DSA) and Stateless Hash-Based Digital Signatures (SLH-
   DSA), can be employed as authentication methods within the IKEv2
   protocol, as they have been standardized by US NIST.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-pqc-auth/



No IPR declarations have been submitted directly on this I-D.





_______________________________________________
IETF-Announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to