Stephen Farrell has entered the following ballot position for draft-ietf-lwig-ikev2-minimal-05: Discuss
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-lwig-ikev2-minimal/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- I'll be a yes ballot but I'd like to chat briefly if that's ok, just to check the level of consensus behind the algorithm choices documented here. For example, is A.3.2 recommending that only AES_CBC and AES-CCM_8 ought be implemented? And would we still recommend 1536 D-H and wouldn't 2048 by itself be sufficient? Shouldn't you be clear about that kind of stuff? (I mean what algs you're telling folks to implement in appendix A.) Did the WG discuss all those kinds of decision? (Or are they just what you implemented?) The reason this is a discuss is just so that we're clear about the algorithm stuff - I suspect a bunch of folks will just do what this document says (or have already) so ensuring these choices are good ones that the WG actually thought about now is I think worthwhile. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Would it be worth waiting on 25519 for this? Would the code-size and CPU improvements be better than publishing now? I guess it could be that the CPU improvement mightn't be as good on smaller CPUs (not sure), but I just figured it'd be good to ask since work on 25519 for IPsec is under way and it should have some benefits. (I'm fine though if the answer here is "no, not yet" in which case, there's no need to even respond to me:-) _______________________________________________ Lwip mailing list [email protected] https://www.ietf.org/mailman/listinfo/lwip
