Re: [IPsec] Quantum Resistance SK_d, SK_pi, SK_pr etc mixing

2017-04-10 Thread Paul Wouters
On Mon, 10 Apr 2017, Valery Smyslov wrote: I think that it's worth to add an indication of the type of PPK_ID. I.e. the PPK_ID should consist of two fields - PPK_ID type (16 bits, managed by IANA) and PPK_ID data. That would make PPK management a bit easier - the responder would know where to

Re: [IPsec] Quantum Resistance SK_d, SK_pi, SK_pr etc mixing

2017-04-10 Thread Scott Fluhrer (sfluhrer)
I've been putting together the updates, and one question came up: what format should the PPK_ID field (sent be the initiator in the first encrypted message to identify the PPK it used) be? I'm thinking that an arbitrary octet string would be appropriate; it can be distributed at the same time

Re: [IPsec] Quantum Resistance SK_d, SK_pi, SK_pr etc mixing

2017-04-10 Thread Tero Kivinen
Michael Richardson writes: > > Tero Kivinen wrote: > > Scott Fluhrer (sfluhrer) writes: > >> Going through this suggestion (and tweaking it a bit): > >> > >> Pluses: - I believe it can be made a bit more flexible than you make > >> it out; it don't believe