This will start two week WGLC for the draft-ietf-ipsecme-ikev2-qr-alt
[1]. This last call will end at 2024-08-11. If you have any comments
about the draft send them to the WG list.
This current draft uses different method of mixing the secret data to
the IKE SA state than the Multiple Key Exchanges RFC9370 [2], and this is
one of the items I would like to get confirmation from the WG.
The current draft uses:
SKEYSEED' = prf+ (PPK, SK_d)
{SK_d | SK_ai | SK_ar | SK_ei | SK_er | SK_pi | SK_pr}
= prf+ (SKEYSEED', Ni | Nr | SPIi | SPIr )
When Multiple Key Exchanges RFC9370 uses:
SKEYSEED(n) = prf(SK_d(n-1), SK(n) | Ni | Nr)
{SK_d | SK_ai | SK_ar | SK_ei | SK_er | SK_pi | SK_pr}
= prf+ (SKEYSEED', Ni | Nr | SPIi | SPIr )
(we could simply use that by saying that SK(n) = PPK in that
calculation, and if we have both multiple key exchanges and PPK, we
would concatenate PPK and SK(n))
[1] https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-qr-alt/
[2] https://datatracker.ietf.org/doc/rfc9370/
--
kivi...@iki.fi
_______________________________________________
IPsec mailing list -- ipsec@ietf.org
To unsubscribe send an email to ipsec-le...@ietf.org
