Hi, we issued a new version of the draft. It addresses comments received during WGLC (in particular, Paul's review). More precisely: we added clarifications and ASCII arts to make document more clear. We also described error handling in more details. In addition, to address concerns sent to authors off the list about possible DoS issues, we explicitly allow a scenario when multiple key exchanges take place only after peers authenticate each other. This is an optional mode since it leaves initial IKE SA protected with only a single key exchange, only re-keyed SAs are fully protected in this mode.
We believe we addressed all the concerns raised during WGLC. Regards, Valery for the authors. > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the IP Security Maintenance and Extensions WG of > the IETF. > > Title : Multiple Key Exchanges in IKEv2 > Authors : C. Tjhai > M. Tomlinson > G. Bartlett > S. Fluhrer > D. Van Geest > O. Garcia-Morchon > Valery Smyslov > Filename : draft-ietf-ipsecme-ikev2-multiple-ke-04.txt > Pages : 32 > Date : 2021-09-30 > > Abstract: > This document describes how to extend the Internet Key Exchange > Protocol Version 2 (IKEv2) to allow multiple key exchanges to take > place while computing a shared secret during a Security Association > (SA) setup. The primary application of this feature in IKEv2 is the > ability to perform one or more post-quantum key exchanges in > conjunction with the classical (Elliptic Curve) Diffie-Hellman key > exchange, so that the resulting shared key is resistant against > quantum computer attacks. Another possible application is the > ability to combine several key exchanges in situations when no single > key exchange algorithm is trusted by both initiator and responder. > > This document updates RFC7296 by renaming a transform type 4 from > "Diffie-Hellman Group (D-H)" to "Key Exchange Method (KE)" and > renaming a field in the Key Exchange Payload from "Diffie-Hellman > Group Num" to "Key Exchange Method". It also renames an IANA > registry for this transform type from "Transform Type 4 - Diffie- > Hellman Group Transform IDs" to "Transform Type 4 - Key Exchange > Method Transform IDs". These changes generalize key exchange > algorithms that can be used in IKEv2. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-multiple-ke/ > > There is also an htmlized version available at: > https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-ikev2-multiple-ke-04 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-ipsecme-ikev2-multiple-ke-04 > > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
