Re: [IPsec] [secdir] Secdir last call review of draft-ietf-ipsecme-qr-ikev2-09

NIST standards are mandatory for a subset of US citizens. But enough of businesses outside the US pay attention to what NIST says to make adding the reference relevant and useful. > On Dec 25, 2019, at 01:52, Valery Smyslov wrote: > >  > Hi Watson, > > thank you for spending your time on th

Re: [IPsec] Labeled IPsec options

Hi Tero, first, I'm not against using new TS accommodating seclabels. It is the most pure way to go from theoretical PoV. The only concern with this approach is that the number of TS types will be growing up. Another approach - use some new status notification containing seclabel that the initia

Re: [IPsec] [secdir] Secdir last call review of draft-ietf-ipsecme-qr-ikev2-09

On Wed, Dec 25, 2019 at 3:57 AM Uri Blumenthal wrote: > NIST standards are mandatory for a subset of US citizens. But enough of > businesses outside the US pay attention to what NIST says to make adding > the reference relevant and useful. > It's not about standards, it's about the competition a

Re: [IPsec] [secdir] Secdir last call review of draft-ietf-ipsecme-qr-ikev2-09

On Wed, Dec 25, 2019 at 3:57 AM Uri Blumenthal < u...@mit.edu> wrote: NIST standards are mandatory for a subset of US citizens. But enough of businesses outside the US pay attention to what NIST says to make adding the reference relevant and useful. It's not about stan

Re: [IPsec] [secdir] Secdir last call review of draft-ietf-ipsecme-qr-ikev2-09

NIST produces standards and recommendations. US government organizations and companies doing business with them are usually required to comply. Organizations and businesses (both US and non-US) that are not bound by US regulations, often pay attention to what NIST recommends. To repeat myself,

Re: [IPsec] [secdir] Secdir last call review of draft-ietf-ipsecme-qr-ikev2-09

I'm talking about the ongoing NIST quantum cryptography competition, which targets at the lowest level security equivalent to AES-128. On Wed, Dec 25, 2019 at 10:24 AM Uri Blumenthal wrote: > NIST produces standards and recommendations. US government organizations > and companies doing business

Re: [IPsec] [secdir] Secdir last call review of draft-ietf-ipsecme-qr-ikev2-09

Do you mean the post-quantum cryptography competition (https://csrc.nist.gov/Projects/post-quantum-cryptography)? That's why I felt confused. The draft isn't concerned with any post-quantum cryptography stuff, it uses only well-studied methods of classical cryptography. I don't think this

Re: [IPsec] [secdir] Secdir last call review of draft-ietf-ipsecme-qr-ikev2-09

Uri, I don't mind referencing NIST levels, but I'd like to first hear from my co-authors, who are definitely more experienced in cryptography and in NIST levels than I am :-) NIST produces standards and recommendations. US government organizations and companies doing business with them a