Hi! From: CJ Tjhai <c...@post-quantum.com> Sent: Tuesday, October 4, 2022 9:05 PM To: Roman Danyliw <r...@cert.org> Cc: Valery Smyslov <s...@elvis.ru>; ipsec@ietf.org Subject: Re: [IPsec] AD review of draft-ietf-ipsecme-ikev2-multiple-ke-06
Hi Roman, Many thanks for the review, really appreciate it. We will update our draft and submit a revision soon. Please see our response inline below. Best wishes, CJ and Valery On Fri, 30 Sept 2022 at 23:20, Roman Danyliw <r...@cert.org<mailto:r...@cert.org>> wrote: Hi! I performed an AD review of draft-ietf-ipsecme-ikev2-multiple-ke-06. Thanks for the work on this document. Per the shepherd write-up: ** Question 4 Several implementors have been integral in developing this document, thus implementors have indicated interest in implementing this. There is already at least two interoperable implementations of this specification. Could these implementations be explicitly named? Just an extra to Andreas' response, the interop tests have been presented in IETF meetings and the latest one was in 2021. The slides can be found here: https://datatracker.ietf.org/meeting/111/materials/slides-111-ipsecme-hybrid-ikev2-interoperability-testing-00 ** Question 5 No. The document has already been reviewed by security area people, and the cryptographic algorithms are not part of this document, but are documented separately. In addition reviews from cryptographers have already been received to the basic protocol. With no disrespect intended to the expertise of the authors, what is the process used by the WG to review the robustness of the cryptographic mechanisms? Was there an independent assessment beyond those on the author team? Did the Crypto Panel have an independent look? In terms of independent assessment, there is a paper on the formal proof analysis of the extension introduced in the draft: https://www.mnm-team.org/pub/Publikationen/gggh21b/PDF-Version/gggh21b.pdf [Roman] Thanks for this pointer. I’ll add that to the Shepherd Review citing it from the ACSAC 2021 proceedings (https://dl.acm.org/doi/10.1145/3485832.3485885). Roman
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
