> > Hi Paul,
> >
> > I read this text as a caveat for implementers to not use
> > keys which cannot provide enough entropy in any case (e.g. passwords).
> > With this reading it's a text for implementers, not for users.
>
> If you read it that way, then I strongly recommend we put implementeren
On Sun, Jun 07, 2020 at 09:43:41PM -0400, Michael Richardson wrote:
>
> Steffen Klassert wrote:
> > This alterative usecase tries to solve the 'small packet' tunneling
> > problem. Sending small packets over a tunnel usually creates quite a
> > lot of overhead, as each packet needs
Tero had this comment (which didn't make it onto this mailing list):
Btw, there is similar text in RFC7296 (base IKEv2) saying following:
When using pre-shared keys, a critical consideration is how to assure
the randomness of these secrets. The strongest practice is to ensure
that
Hi Scott,
I like this variant.
Regards,
Valery.
From: IPsec [mailto:ipsec-boun...@ietf.org] On Behalf Of Scott Fluhrer
(sfluhrer)
Sent: Monday, June 08, 2020 6:06 PM
To: ipsec@ietf.org
Subject: Re: [IPsec] Last minute change to draft-ietf-ipsecme-qr-ikev2
Tero had this comment (whi
On Mon, 8 Jun 2020, Scott Fluhrer (sfluhrer) wrote:
How about this text (which integrates suggestions both from the security
considerations of both RFC7296 and the PPK text, while
trying to not sound like Frankentext [1].
That is okay with me.
And, I would agree with Valery; I also would pr
On 6/8/2020 7:05 AM, Steffen Klassert wrote:
On Sun, Jun 07, 2020 at 09:43:41PM -0400, Michael Richardson wrote:
Steffen Klassert wrote:
> This alterative usecase tries to solve the 'small packet' tunneling
> problem. Sending small packets over a tunnel usually creates quite a
