Those of you with long-ish memories will recall that about three years ago, 
Shota Nagayama and I wrote an I-D on the (relatively minor) modifications to 
IKEv2 necessary to use key material generated by quantum key distribution (QKD) 
devices.  At the time, it generated a bit of controversy, both because not 
everyone in the WG agrees on the value of QKD itself (a position I understand, 
though happen to disagree with) and because there were concerns about whether 
it is within charter for ipsecme.  So, it more or less got set aside.  We have 
since talked to a number of people who are supportive of having a documented 
means of coupling IPsec to QKD, without necessarily taking a strong position on 
whether QKD will ultimately hold a large place in the security market.  Being 
one who hates leaving loose ends lying around, I would like to finish this up 
and get it published as an RFC, presumably Experimental.

The basic argument in favor of doing so:

* several commercial and near-commercial implementations of QKD exist (along 
with numerous experimental ones);
* each implementation uses the generated key material in a different way, some 
at L2, some with IPsec;
* ETSI began standardizing some of the low-level technologies, including 
physical signals and timing and framing;
* experimental deployments are continuing to grow, and those deployments may 
include IPsec; and
* given that IPsec and IKE are products of the IETF, any necessary changes 
should be documented and controlled through IETF rather than another 
organization.

That last point is, I think, critical.

Current status:

* We have just uploaded an -01 of the I-D we wrote, incorporating feedback from 
several people, including Sean Turner, Sheila Frankel and Alan Mink.
  http://datatracker.ietf.org/doc/draft-nagayama-ipsecme-ipsec-with-qkd/?include_text=1
* An open source software implementation of the -00 version exists, built off 
of racoon2.  We will be updating this to match the -01 draft.

Shota and I (and Shigeya Suzuki, who is not an author on the draft but is 
familiar with our work) will be in Honolulu.  I will arrive Monday evening, 
leaving Thursday evening.  We hope to meet with folks who are interested in 
this topic.  Happy to answer questions via email, as well.

Regards,

                        —Rod

Rodney Van Meter
associate professor, Faculty of Environment and Information Studies, Keio 
University, Japan
[email protected]
personal: http://web.sfc.keio.ac.jp/~rdv/
AQUA Group: http://aqua.sfc.wide.ad.jp/
Murai Lab: http://www.sfc.wide.ad.jp/IRL/
GIGA: http://ic.sfc.keio.ac.jp/
Quantum Networking: 
http://www.wiley.com/WileyCDA/WileyTitle/productCd-1848215371.html
http://discourse.quantumnetworks.org/



_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
