On Thu, 30 Jun 2016, Rodney Van Meter wrote:
> I think it’s pretty clear that a mechanism for using keys created in some out-of-band fashion for keying symmetric encryption methods, such as AES, is valuable.

Yes.

> Neither Shota nor I have sat down and reviewed this in detail, so I can’t really comment yet, but I’m happy to support whatever results in the best standard, whether it’s starting from fluhrer or from https://tools.ietf.org/html/draft-nagayama-ipsecme-ipsec-with-qkd-01

Good.

> defined carefully. If that’s done right, it can be used to support QKD-generated keys, or a daily or weekly courier.

Yes.

> One of the biggest technical issues, and one that hit us, was what to do when the key generation channel is disrupted. We proposed a set of fallback options in that draft, which generated significant controversy.

I think those should not be in the document itself. It could be in a separate document.

> I *don’t* think it’s yet appropriate to work on one-time pad, as I think that results in more complex changes to IPsec than is reasonable to bite off.

But one-time pads are how implementations without access to quantum computers would want to test their implementation.

Paul
