Paul, on a previous email, you wrote: > I wouldn't want to broadcast my type of PPK used in IKE_INIT or IKE_AUTH, as > an active attacker could then learn this information.
I believe it was in this context; did you change your mind? If everyone is OK with a PPK_ID type. If everyone is, I'll put that into the draft... > -----Original Message----- > From: IPsec [mailto:ipsec-boun...@ietf.org] On Behalf Of Paul Wouters > Sent: Monday, April 10, 2017 12:54 PM > To: Valery Smyslov > Cc: ipsec@ietf.org WG > Subject: Re: [IPsec] Quantum Resistance SK_d, SK_pi, SK_pr etc mixing > > On Mon, 10 Apr 2017, Valery Smyslov wrote: > > > I think that it's worth to add an indication of the type of PPK_ID. > > I.e. the PPK_ID should consist of two fields - PPK_ID type (16 bits, > > managed by IANA) and PPK_ID data. That would make PPK management a > bit easier - the responder would know where to look PPK for. > > Sounds good to me. > > Paul > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
