Hi Quinh,
please look at the draft-ietf-ipsecme-ikev2-multiple-ke-00. It specifically addresses your concern about large public keys of PQ KE methods. Actually, it's generally OK to have public keys/signatures up to 64Kbytes. If you need to deal with larger keys, then some update of the specs is needed. Regards, Valery. From: IPsec [mailto:ipsec-boun...@ietf.org] On Behalf Of Dang, Quynh H. (Fed) Sent: Wednesday, June 17, 2020 4:49 PM To: ipsecme mailing list Subject: [IPsec] Maximum sizes of IKEv2 messages and UDP messages ? Hi everyone, I am interested in knowing what are typical maximum sizes for IKEv2 messages and UDP messages in implementations. The reason is that the IKEv2's spec has a must and a should being 1280 and 3000 bytes respectively for IKEv2 messages, but does not have a maximum limit. As you know some of the post quantum cryptographic candidates in our standardization process have large or very large public key , signature and/or ciphertext sizes. My guess is that some updates to the spec and/or implementations would make them work. Your data points and discussions are appreciated. Regards, Quynh.
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
