On Mon, Nov 18, 2024 at 1:00 PM Valery Smyslov <smyslov.i...@gmail.com> wrote:
> Hi Tero, > > thank you for the initial proposal for the charter. It looks good. > I agree. > That said I think that not all current charter items are fulfilled. > While we define how to use PQ KEMs in IKEv2, the issues > with large keys (beyond 64 Kbytes) are not addressed. > As far as I know, some EU security authorities (and not only in EU) > prefer using conservative algorithms, like Classic McEliece. > I thought the world was moving towards ML-KEM and FrodoKEM? It would be nice if we can wait for actual needs of something like Classic McEliece once we get there? > If we want to ever support them, then at least two issues should be > addressed: > 1. Limited IKEv2 payload size (can be addressed with > draft-nir-ipsecme-big-payload) > 2. Transport issues with transferring large keys maintaining ESP > performance > (can be addressed with draft-smyslov-ipsecme-ikev2-reliable-transport) > I am open on looking at those, but would encourage us to not adopt documents for this until it becomes clear there is an actual need. With such a caveat, I think it is ok for some kind of mention in the charter. Paul
_______________________________________________ IPsec mailing list -- ipsec@ietf.org To unsubscribe send an email to ipsec-le...@ietf.org
