IPSec is owned by another working group (IP Security Maintenance and Extensions (ipsecme) (ietf.org)<https://datatracker.ietf.org/wg/ipsecme/documents/>). I’m not sure who owns Mobile IPv6 or CGA.
From a higher level, what is needed here is a list of all the areas (RFCs, IANA assignments) which need to be updated when security issues arise. From what I see of the IETF organization, such a document would arise (or probably already exists) from the Security Area working group (Active IETF working groups<https://datatracker.ietf.org/wg/>). You might want to contact one of the area directors to find out exactly where that effort belongs. Perhaps they can help you get started forming a new working group if one doesn’t already exist. From: Int-area <int-area-boun...@ietf.org> On Behalf Of Joel Halpern Sent: Friday, October 21, 2022 10:25 AM To: Alexandre Petrescu <alexandre.petre...@gmail.com>; int-area@ietf.org Subject: [EXTERNAL] Re: [Int-area] Rebooting Addressing Discussion - quantum resistant IPv6 [EXTERNAL SENDER: This email originated from outside of Stratus Technologies. Do not click links or open attachments unless you recognize the sender and know the content is safe.] I am unable to parse the statement below as written. I presume I am missing something that is clear to the writer. I can understand asking that IKE(v3?) and IPSEC ESP be upgraded to support quantum resistant algorithms. As I understand it, the security community is doing that. if there are upgrades to those protocols themselves that would help make the system quantum resistant, that would be a reasonable thing to disucss with the security community. But I have no idea what it would mean for IPv6 to be quantum resistant. Without knowing what that means, I can't even guess whether there is anything to do there. Yours, Joel On 10/21/2022 4:36 AM, Alexandre Petrescu wrote: > In this addressing discussion, I was thinking, thanks to a private > conversation with experts from a manufacturer, that it might make sense > to try to make IPv6 to be quantum resistant. > > One might think IPv6 has nothing to do with it, but one should consider > the security aspects of IPv6 (IPsec, some security in Mobile IPv6, CGAs, > etc). They should be migrated to the use of quantum-resistant protocol > implementations. > > One would not like IPv6 to be discarded simply because its security > might be deemed by some to not be quantum-resistant. > > Alex > > > Le 30/09/2022 à 10:36, Luigi Iannone a écrit : >> Hi All, >> >> During the last INTArea meeting the discussion on the two drafts >> related to Internet addressing had three the clear outcomes: 1. >> The issue seems to go beyond what the INTArea has been chartered >> for. 2. The pain points (aka the problem) have to be scoped in >> a better way. In the current form, the scope is so broad that we risk >> ending up trying to boil the ocean without achieving any relevant >> result. 3. Incremental deployability remains a MUST. No >> revolution. Evolution is the only option. >> >> Concerning point 1. The documents have been taken out from INTArea >> (new naming). We still continue the discussion on the INTArea mailing >> list, at least temporarily with the option to have a dedicated >> mailing list in the future. >> >> I would like to restart discuss on point 2: the scope. >> >> The considerations draft >> (https://datatracker.ietf.org/doc/draft-iannone-internet-addressing-considerations/<https://datatracker.ietf.org/doc/draft-iannone-internet-addressing-considerations> >> <https://datatracker.ietf.org/doc/draft-iannone-internet-addressing-considerations/<https://datatracker.ietf.org/doc/draft-iannone-internet-addressing-considerations/>>) >> >> highlighted three properties, namely: Property 1: Fixed Address >> Length Property 2: Ambiguous Address Semantic Property 3: Limited >> Address Semantic Support >> >> But before going to the discussion of which property we should/want >> change the first question the comes up is: what does an address >> identify exactly? >> >> A simple answer would be: an Interface. >> >> But we all know that reality is far more complex, as pointed out with >> the many existing examples in the considerations draft. What is even >> more complex is how to provide a wealth of answers to the above >> question within a framework for evolved addressing that does not rely >> on the continued point-wise approach we see in the Internet today. >> >> In order to start specifying what this evolved addressing framework >> could be, the first steps are: - paraphrasing Lixia Zhang’s >> question from the recent RTG WG interim meeting as “What should we >> identify through an address?” - scope the work around those >> answers we believe are most desirable to avoid the boiling the ocean >> issue >> >> Do you believe this is a reasonable approach to move forward? >> >> >> Luigi >> >> _______________________________________________ Int-area mailing >> list Int-area@ietf.org<mailto:Int-area@ietf.org> >> https://www.ietf.org/mailman/listinfo/int-area<https://www.ietf.org/mailman/listinfo/int-area> > > _______________________________________________ > Int-area mailing list > Int-area@ietf.org<mailto:Int-area@ietf.org> > https://www.ietf.org/mailman/listinfo/int-area<https://www.ietf.org/mailman/listinfo/int-area> _______________________________________________ Int-area mailing list Int-area@ietf.org<mailto:Int-area@ietf.org> https://www.ietf.org/mailman/listinfo/int-area<https://www.ietf.org/mailman/listinfo/int-area>
_______________________________________________ Int-area mailing list Int-area@ietf.org https://www.ietf.org/mailman/listinfo/int-area
