Re: [IPsec] I-D Action: draft-ietf-ipsecme-qr-ikev2-01.txt

2017-12-21 Thread Panos Kampanakis (pkampana) 
This draft incorporates some minor text fixes, nits, small updates and 
PPK_SUPPORT notification is changed to USE_PPK to better reflect its purpose. 

It also includes two more important changes 
- Clarified using PPK in case of EAP authentication. It follow the same 
rational as IKE_AUTH in the last version of the draft.
- prf is replaced with prf+ for the SK_d and SK_pi/r calculations. That is done 
to accommodate potential user cases where the prf output size is not equal to 
the preferred key size. 

We think this draft is ready for LC, after the two above changes are reviewed. 

Panos



-Original Message-
From: IPsec [mailto:ipsec-boun...@ietf.org] On Behalf Of 
internet-dra...@ietf.org
Sent: Thursday, December 21, 2017 11:00 AM
To: i-d-annou...@ietf.org
Cc: ipsec@ietf.org
Subject: [IPsec] I-D Action: draft-ietf-ipsecme-qr-ikev2-01.txt


A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the IP Security Maintenance and Extensions WG of 
the IETF.

Title   : Postquantum Preshared Keys for IKEv2
Authors : Scott Fluhrer
  David McGrew
  Panos Kampanakis
  Valery Smyslov
Filename: draft-ietf-ipsecme-qr-ikev2-01.txt
Pages   : 18
Date: 2017-12-21

Abstract:
   The possibility of Quantum Computers pose a serious challenge to
   cryptography algorithms deployed widely today.  IKEv2 is one example
   of a cryptosystem that could be broken; someone storing VPN
   communications today could decrypt them at a later time when a
   Quantum Computer is available.  It is anticipated that IKEv2 will be
   extended to support quantum secure key exchange algorithms; however
   that is not likely to happen in the near term.  To address this
   problem before then, this document describes an extension of IKEv2 to
   allow it to be resistant to a Quantum Computer, by using preshared
   keys.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-ipsecme-qr-ikev2/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-ipsecme-qr-ikev2-01
https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-qr-ikev2-01

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-ipsecme-qr-ikev2-01


Please note that it may take a couple of minutes from the time of submission 
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec

___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec

[IPsec] I-D Action: draft-ietf-ipsecme-qr-ikev2-01.txt

2017-12-21 Thread internet-drafts 

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the IP Security Maintenance and Extensions WG of 
the IETF.

Title   : Postquantum Preshared Keys for IKEv2
Authors : Scott Fluhrer
  David McGrew
  Panos Kampanakis
  Valery Smyslov
Filename: draft-ietf-ipsecme-qr-ikev2-01.txt
Pages   : 18
Date: 2017-12-21

Abstract:
   The possibility of Quantum Computers pose a serious challenge to
   cryptography algorithms deployed widely today.  IKEv2 is one example
   of a cryptosystem that could be broken; someone storing VPN
   communications today could decrypt them at a later time when a
   Quantum Computer is available.  It is anticipated that IKEv2 will be
   extended to support quantum secure key exchange algorithms; however
   that is not likely to happen in the near term.  To address this
   problem before then, this document describes an extension of IKEv2 to
   allow it to be resistant to a Quantum Computer, by using preshared
   keys.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-ipsecme-qr-ikev2/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-ipsecme-qr-ikev2-01
https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-qr-ikev2-01

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-ipsecme-qr-ikev2-01


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec