I am still a bit confused about Sec. 3 (use in IKEv2):
- Where does it say (in this draft or in Sec. 2.7 of the CFRG draft)
that the IV is included explicitly, and where exactly it should go?
- In the bullet that describes the IV, I would add text that the IKE
Message ID is not an option, and why.
- How do we make sure that the key/IV combination is unique between
Initiator and Responder?
Thanks,
Yaron
On 04/27/2015 01:44 AM, Paul Hoffman wrote:
Greetings again. This begins the two-week WG Last Call on
draft-ietf-ipsecme-chacha20-poly1305, which ends Monday May 11. We would love
to hear from people in either of two groups:
- Those who have already reviewed an earlier version of this draft. Please
re-read the draft now, and let us know if it is perfect, or if there anything
else you want added or changed. This includes Yaron, PaulW, Tero, ScottF, and
Valery.
- Those who have *not* yet reviewed this draft, but want to help the IETF create good standards in
this area. If you are an IPsec implementer, or know one at your organization, reviewing this draft
and sending any comments to the list (even just "seems fine" or "I liked it except
this one thing") is useful to all of us.
It seems very likely that this new algorithm combination will appear in IKEv2
and ESP soon, and having folks give a bit more review will help prevent
whoopsies in the future.
--Paul Hoffman
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
