I think that an individual draft is OK.
That said, I believe that it should be known to the ipsec community (e.g. be announced and preferably discussed, even a bit, in the ML). Regards, Valery. Thanks Valery. Makes sense. > This may be a very short document referencing generic Kyber specification and > clarifying implementation details for IKEv2 (e.g. the format of the public key etc.). Would that be a draft towards ratification in IPSECME or something like https://datatracker.ietf.org/doc/html/draft-tls-westerbaan-xyber768d00 which does not need to be ratified and can just serve as the "Specification Required" for the TLS 1.3 IANA registry? From: Valery Smyslov <[email protected]> Sent: Tuesday, April 11, 2023 2:53 AM To: Kampanakis, Panos <[email protected]>; [email protected] Cc: [email protected] Subject: RE: [EXTERNAL]draft-ietf-ipsecme-ikev2-multiple-ke new CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe. Hi Panos, Hi draft-ietf-ipsecme-ikev2-multiple-ke authors, ipsecme WG, We have seen attempts to get early codepoints allocated for PQ-hybrid key exchanges in TLS 1.3 and HPKE in other IETF WGs. These, I think, are are good steps. Note for these IANA registries the requirement is "Specification Required". How about new PQ Transform Type 4 identifiers in IKEv2? Currently the draft-ietf-ipsecme-ikev2-multiple-ke draft says It is assumed that new Transform Type 4 identifiers will be assigned later for various post-quantum key exchanges [ <https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-ikev2-multiple-ke-12> IKEV2TYPE4ID]. So, if draft-ietf-ipsecme-ikev2-multiple-ke will not assign new identifiers for Kyber-768 in <https://www.iana.org/assignments/ikev2-parameters/ikev2-parameters.xhtml#ikev2-parameters-8> https://www.iana.org/assignments/ikev2-parameters/ikev2-parameters.xhtml#ikev2-parameters-8, should we be asking the Experts (Tero, Valery) consider a new allocation? Yes, that's correct. However, while it is possible to ask IANA for new allocation without any referencing document, as designated expert I would be much more comfortable if some document (even I-D) exists describing how to use Kyber-768 in specific environment of IKEv2. This may be a very short document referencing generic Kyber specification and clarifying implementation details for IKEv2 (e.g. the format of the public key etc.). Regards, Valery. Thx, Panos
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
