As long as there is an opaque type in the list of types, everyone can reveal as much as they are comfortable with.
Paul Sent from my iPhone > On Apr 11, 2017, at 10:47, Scott Fluhrer (sfluhrer) <[email protected]> > wrote: > > Paul, on a previous email, you wrote: > >> I wouldn't want to broadcast my type of PPK used in IKE_INIT or IKE_AUTH, as >> an active attacker could then learn this information. > > I believe it was in this context; did you change your mind? > > If everyone is OK with a PPK_ID type. If everyone is, I'll put that into the > draft... > >> -----Original Message----- >> From: IPsec [mailto:[email protected]] On Behalf Of Paul Wouters >> Sent: Monday, April 10, 2017 12:54 PM >> To: Valery Smyslov >> Cc: [email protected] WG >> Subject: Re: [IPsec] Quantum Resistance SK_d, SK_pi, SK_pr etc mixing >> >>> On Mon, 10 Apr 2017, Valery Smyslov wrote: >>> >>> I think that it's worth to add an indication of the type of PPK_ID. >>> I.e. the PPK_ID should consist of two fields - PPK_ID type (16 bits, >>> managed by IANA) and PPK_ID data. That would make PPK management a >> bit easier - the responder would know where to look PPK for. >> >> Sounds good to me. >> >> Paul >> >> _______________________________________________ >> IPsec mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/ipsec > > _______________________________________________ > IPsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
