Hi, the name of the draft was changed to draft-ietf-ipsecme-... No more changes.
Regards, Valery. > -----Original Message----- > From: IPsec <ipsec-boun...@ietf.org> On Behalf Of internet-dra...@ietf.org > Sent: Tuesday, April 16, 2024 9:49 PM > To: i-d-annou...@ietf.org > Cc: ipsec@ietf.org > Subject: [IPsec] I-D Action: draft-ietf-ipsecme-ikev2-qr-alt-00.txt > > Internet-Draft draft-ietf-ipsecme-ikev2-qr-alt-00.txt is now available. It is a work > item of the IP Security Maintenance and Extensions (IPSECME) WG of the IETF. > > Title: Alternative Approach for Mixing Preshared Keys in IKEv2 for Post- > quantum Security > Author: Valery Smyslov > Name: draft-ietf-ipsecme-ikev2-qr-alt-00.txt > Pages: 11 > Dates: 2024-04-12 > > Abstract: > > An Internet Key Exchange protocol version 2 (IKEv2) extension defined > in RFC8784 allows IPsec traffic to be protected against someone > storing VPN communications today and decrypting it later, when (and > if) cryptographically relevant quantum computers are available. The > protection is achieved by means of Post-quantum Preshared Key (PPK) > which is mixed into the session keys calculation. However, this > protection doesn't cover an initial IKEv2 SA, which might be > unacceptable in some scenarios. This specification defines an > alternative way to get protection against quantum computers, which is > similar to the solution defined in RFC8784, but protects the initial > IKEv2 SA too. > > Besides, RFC8784 assumes that PPKs are static and thus they are only > used when an initial IKEv2 Security Association (SA) is created. If > a fresh PPK is available before the IKE SA is expired, then the only > way to use it is to delete the current IKE SA and create a new one > from scratch, which is inefficient. This specification also defines > a way to use PPKs in active IKEv2 SA for creating additional IPsec > SAs and for rekeys operations. > > The IETF datatracker status page for this Internet-Draft is: > https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-qr-alt/ > > There is also an HTMLized version available at: > https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-ikev2-qr-alt-00 > > Internet-Drafts are also available by rsync at: > rsync.ietf.org::internet-drafts > > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
