Hi Paul: Thanks for your advices and the comments for the draft! About your suggestion of ISE process, and the IPSecME WG "Expert Review", we will follow this existing way.
For the comments corresponding to the CBC and GCM variant, please find my response as follows: For CBC variant, we keep it here because for IKEv2 and ESP (RFC 7296, RFC 3602), this encryption mode is still valid and not deprecated (see the reference https://www.iana.org/assignments/ikev2-parameters/ikev2-parameters.xhtml#ikev2-parameters-5). In addition, the specification for the using of ShangMi in IPsec in China also keeps CBC mode. Considering backward compatibility and the above reasons, deprecating the CBC mode perhaps may be not a good choice in our draft. For GCM variant, currently, there may be no ghash hardware instructions which can be used directly by GCM variants, but we can use the multiplication instruction to speed up ghash. SM4 computation can also benifit from CPU instruction acceleration. I hope the above response can address your concern and any other comments are welcome any time. Thanks! B.R. Frank -----邮件原件----- 发件人: Paul Wouters <p...@nohats.ca> 发送时间: 2024年3月11日 8:29 收件人: Xialiang(Frank, IP Security Standard) <frank.xiali...@huawei.com> 抄送: ipsec@ietf.org; guoyanfei <guoyanf...@huawei.com>; Yu Fu <fuy...@chinaunicom.cn> 主题: Re: [IPsec] New Version Notification for draft-guo-ipsecme-ikev2-using-shangmi-00.txt On Mon, 29 Jan 2024, Xialiang(Frank, IP Security Standard) wrote: > We have submitted this new draft “Using ShangMi in the Internet Key Exchange > Protocol Version 2 (IKEv2)”, which defines a set of cryptographic transforms > for using in the IKEv2 based on Chinese cryptographic standard algorithms > (called "ShangMi" or “SM” algorithms). > The SM algorithms are mandatory in China, so this document provides a > description of how to use the SM algorithms with IKEv2 and specifies a set of > cryptographic transforms so that implementers can produce interworking > implementations. Thanks for the document. I believe the best way forward for these would be via the ISE. In which case the Working Group and Intended Status would need to be updated. But if the document proceeds that way, please keep the IPsecME WG in the loop. All the registries involved are "Expert Review", so it can be registered regardless of where or how the specification is published. As for the draft itself, I have two questions. Is the CBC variant really neccessary? CBS is being made historic or deprecated for all other IETF uses (eg see TLS 1.3). Why introduce it now for IKEv2 and ESP in combination with ShangMi ? For the GCM variants, do you know if these can make use of the ghash hardware instructions? As in, would ENCR_SM4_GCM also benefit from CPU hardware instructions available? Regards, Paul > Your comments are warmly welcome! > > B.R. > Frank > > -----邮件原件----- > 发件人: internet-dra...@ietf.org <internet-dra...@ietf.org> > 发送时间: 2024年1月29日 14:09 > 收件人: Xialiang(Frank, IP Security Standard) > <frank.xiali...@huawei.com>; guoyanfei <guoyanf...@huawei.com>; Yu Fu > <fuy...@chinaunicom.cn> > 主题: New Version Notification for > draft-guo-ipsecme-ikev2-using-shangmi-00.txt > > A new version of Internet-Draft > draft-guo-ipsecme-ikev2-using-shangmi-00.txt > has been successfully submitted by Liang Xia and posted to the IETF > repository. > > Name: draft-guo-ipsecme-ikev2-using-shangmi > Revision: 00 > Title: Using ShangMi in the Internet Key Exchange Protocol Version 2 > (IKEv2) > Date: 2024-01-29 > Group: Individual Submission > Pages: 14 > URL: > https://www.ietf.org/archive/id/draft-guo-ipsecme-ikev2-using-shangmi-00.txt > Status: > https://datatracker.ietf.org/doc/draft-guo-ipsecme-ikev2-using-shangmi/ > HTMLized: > https://datatracker.ietf.org/doc/html/draft-guo-ipsecme-ikev2-using-sh > angmi > > > Abstract: > > This document defines a set of cryptographic transforms for using in > the Internet Key Exchange Protocol version 2 (IKEv2). The transforms > are based on Chinese cryptographic standard algorithms (called > "ShangMi" or “SM” algorithms). > > The use of these algorithms with IKEv2 is not endorsed by the IETF. > The SM algorithms are mandatory in China, so this document provides a > description of how to use the SM algorithms with IKEv2 and specifies > a set of cryptographic transforms so that implementers can produce > interworking implementations. > > > > The IETF Secretariat > > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
