On Thu, Apr 5, 2018 at 4:28 AM Valery Smyslov
wrote:
> Hi Michael,
>
> > > IKE_SA_INIT privacy concerns - David Schinazi
> > >
> https://datatracker.ietf.org/meeting/101/materials/slides-101-ipsecme-privacy-additions-to-the-ikev2-
> > ike-sa-init-exchange-00
> >
> > > Concerns around privacy of the peers (who the initiator is, and if
> the
> > > responder is running IKE)
> >
> > I think that we had some consensus that we should split the document
> into two
> > problem statements. Protecting the initiator identity against MITM
> attackers
> > can be solved a whole bunch of ways. A zero-knowledge proof would seem
> to
> > be a better way to start to me.
> >
> > The problem of making the IKE responders stealthed seems like a different
> > problem entirely.
>
> +1.
>
+1 to treating these problems separately.
Best,
Chris
___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec