Introducing quantum computer resistance in IKEv2 helps to avoid the implications of having sec admins that want to have quantum computer resistance revert back to IKEv1 with shared secrets. The draft adds quantum resistance using todays infrastructure. The qkd draft introduced a way to add quantum resistance, but it came with many different challenges of how practical it is and how costly it would be to introduce a QKD network. Instead, draft-fluhrer-qr-ikev2 uses a more practical approach that could be implemented and employed easily. Scott almost has a working PoC ready, I believe. There are details that need to be hashed out in the group, like what to do with identity hiding, but the draft is practical and can be introduced quickly and in a backwards compatible way to IKEv2. Panos
-----Original Message----- From: IPsec [mailto:[email protected]] On Behalf Of Paul Wouters Sent: Wednesday, June 22, 2016 3:33 PM To: Waltermire, David A. (Fed) <[email protected]> Cc: IPsecME WG <[email protected]> Subject: Re: [IPsec] Call for adoption on draft-fluhrer-qr-ikev2 as an IPSecME WG document On Wed, 22 Jun 2016, Waltermire, David A. (Fed) wrote: > At IETF 95 the chairs took an action to issue a call for adoption on > draft-fluhrer-qr-ikev2-01 based on WG interest in the concept described by > the draft. This call is long overdue. > > This is the official call for adoption of > https://datatracker.ietf.org/doc/draft-fluhrer-qr-ikev2/ as an IPSecME > working group (WG) document. I still don't know if we should adopt this document or https://tools.ietf.org/html/draft-nagayama-ipsecme-ipsec-with-qkd-01 The qkd document was rejected for adoption at the time for lack of interest. I would like to better understand why draft-fluhrer-qr-ikev2 would be prefered over draft-nagayama-ipsecme-ipsec-with-qkd. Paul _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
