Re: [IPsec] Quantum Resistance SK_d, SK_pi, SK_pr etc mixing

As long as there is an opaque type in the list of types, everyone can reveal as much as they are comfortable with. Paul Sent from my iPhone > On Apr 11, 2017, at 10:47, Scott Fluhrer (sfluhrer) > wrote: > > Paul, on a previous email, you wrote: > >> I wouldn't want to

Re: [IPsec] Quantum Resistance SK_d, SK_pi, SK_pr etc mixing

Paul, on a previous email, you wrote: > I wouldn't want to broadcast my type of PPK used in IKE_INIT or IKE_AUTH, as > an active attacker could then learn this information. I believe it was in this context; did you change your mind? If everyone is OK with a PPK_ID type. If everyone is, I'll