> On Nov 16, 2016, at 10:49, Yoav Nir <[email protected]> wrote: > > So I suggest to add the following paragraph at the end of section 2 of the > eddsa draft: > > The context parameter for Ed448 MUST be set to the empty string.
I agree. Context seems useful for generic crypto but not for something that is already strongly bound by an IETF transport protocol. Additionally, we have a similar problem too when allowing the same key in IKEv1 and IKEv2 where the key has different security properties. Paul _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
