Hi all,
Any comments and suggestions are welcome.
Best regards,
Xiaohu
> -邮件原件-
> 发件人: internet-dra...@ietf.org [mailto:internet-dra...@ietf.org]
> 发送时间: 2016年10月31日 19:15
> 收件人: Xuxiaohu; zhangdacheng; Xialiang (Frank)
> 主题: New Version Notification for
> I'm very concerned that we don't wind up with insecure Group PSKs as
> we had with IKEv1.
This description does not reduce IKEv2 security - the PPK is used next to IKEv2
security.
Furthermore, the description can also support pairwise keys.
I had a look at the description, and a later
Scott Fluhrer (sfluhrer) wrote:
>> Michael Richardson writes: > > - Authentication; if someone with a
>> Quantum Computer can break the DH > > in real time, do we care if he
>> can act as a man-in-the-middle? Scott > > Fluhrer: not important
>> Michael
> -Original Message-
> From: Tero Kivinen [mailto:kivi...@iki.fi]
> Sent: Monday, October 31, 2016 11:20 AM
> To: Michael Richardson
> Cc: Scott Fluhrer (sfluhrer); IPsecme WG (ipsec@ietf.org)
> Subject: Re: [IPsec] FW: Quantum Resistance Requirements
>
> Michael Richardson writes:
> >
Hello,
I’ve posted a new version of the TCP encapsulation draft with the following
changes:
1. Added a section to explicitly discuss how to fallback from UDP to TCP
(retransmissions, etc) based on feedback from the charter discussion
2. Explained that this method of encapsulation can be used
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the IP Security Maintenance and Extensions of the
IETF.
Title : TCP Encapsulation of IKE and IPsec Packets
Authors : Tommy Pauly
Michael Richardson writes:
> > - Authentication; if someone with a Quantum Computer can break the DH
> > in real time, do we care if he can act as a man-in-the-middle? Scott
> > Fluhrer: not important Michael Richardson: important, provided that we
> > don't run into the same