| < draft-ietf-ipsecme-ikev2-multiple-ke-04.txt | draft-ietf-ipsecme-ikev2-multiple-ke-05.txt > | |||
|---|---|---|---|---|
| Internet Engineering Task Force (IETF) C. Tjhai | Internet Engineering Task Force (IETF) C. Tjhai | |||
| Internet-Draft M. Tomlinson | Internet-Draft M. Tomlinson | |||
| Updates: 7296 (if approved) Post-Quantum | Updates: 7296 (if approved) Post-Quantum | |||
| Intended status: Standards Track G. Bartlett | Intended status: Standards Track G. Bartlett | |||
| Expires: 3 April 2022 Quantum Secret | Expires: 29 September 2022 Quantum Secret | |||
| S. Fluhrer | S. Fluhrer | |||
| Cisco Systems | Cisco Systems | |||
| D. Van Geest | D. Van Geest | |||
| ISARA Corporation | ISARA Corporation | |||
| O. Garcia-Morchon | O. Garcia-Morchon | |||
| Philips | Philips | |||
| V. Smyslov | V. Smyslov | |||
| ELVIS-PLUS | ELVIS-PLUS | |||
| 30 September 2021 | 28 March 2022 | |||
| Multiple Key Exchanges in IKEv2 | Multiple Key Exchanges in IKEv2 | |||
| draft-ietf-ipsecme-ikev2-multiple-ke-04 | draft-ietf-ipsecme-ikev2-multiple-ke-05 | |||
| Abstract | Abstract | |||
| This document describes how to extend the Internet Key Exchange | This document describes how to extend the Internet Key Exchange | |||
| Protocol Version 2 (IKEv2) to allow multiple key exchanges to take | Protocol Version 2 (IKEv2) to allow multiple key exchanges to take | |||
| place while computing a shared secret during a Security Association | place while computing a shared secret during a Security Association | |||
| (SA) setup. The primary application of this feature in IKEv2 is the | (SA) setup. The primary application of this feature in IKEv2 is the | |||
| ability to perform one or more post-quantum key exchanges in | ability to perform one or more post-quantum key exchanges in | |||
| conjunction with the classical (Elliptic Curve) Diffie-Hellman key | conjunction with the classical (Elliptic Curve) Diffie-Hellman key | |||
| exchange, so that the resulting shared key is resistant against | exchange, so that the resulting shared key is resistant against | |||
| skipping to change at page 2, line 15 ¶ | skipping to change at page 2, line 15 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on 3 April 2022. | This Internet-Draft will expire on 29 September 2022. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2021 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
| license-info) in effect on the date of publication of this document. | license-info) in effect on the date of publication of this document. | |||
| Please review these documents carefully, as they describe your rights | Please review these documents carefully, as they describe your rights | |||
| and restrictions with respect to this document. Code Components | and restrictions with respect to this document. Code Components | |||
| extracted from this document must include Simplified BSD License text | extracted from this document must include Revised BSD License text as | |||
| as described in Section 4.e of the Trust Legal Provisions and are | described in Section 4.e of the Trust Legal Provisions and are | |||
| provided without warranty as described in the Simplified BSD License. | provided without warranty as described in the Revised BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 1.1. Problem Description . . . . . . . . . . . . . . . . . . . 3 | 1.1. Problem Description . . . . . . . . . . . . . . . . . . . 3 | |||
| 1.2. Proposed Extension . . . . . . . . . . . . . . . . . . . 3 | 1.2. Proposed Extension . . . . . . . . . . . . . . . . . . . 3 | |||
| 1.3. Changes . . . . . . . . . . . . . . . . . . . . . . . . . 5 | 1.3. Changes . . . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 1.4. Document Organization . . . . . . . . . . . . . . . . . . 7 | 1.4. Document Organization . . . . . . . . . . . . . . . . . . 7 | |||
| 2. Design Criteria . . . . . . . . . . . . . . . . . . . . . . . 7 | 2. Design Criteria . . . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 3. Multiple Key Exchanges . . . . . . . . . . . . . . . . . . . 9 | 3. Multiple Key Exchanges . . . . . . . . . . . . . . . . . . . 9 | |||
| skipping to change at page 22, line 28 ¶ | skipping to change at page 22, line 28 ¶ | |||
| valuable comments. Thanks to Paul Wouters for reviewing the | valuable comments. Thanks to Paul Wouters for reviewing the | |||
| document. | document. | |||
| 7. References | 7. References | |||
| 7.1. Normative References | 7.1. Normative References | |||
| [I-D.ietf-ipsecme-ikev2-intermediate] | [I-D.ietf-ipsecme-ikev2-intermediate] | |||
| Smyslov, V., "Intermediate Exchange in the IKEv2 | Smyslov, V., "Intermediate Exchange in the IKEv2 | |||
| Protocol", Work in Progress, Internet-Draft, draft-ietf- | Protocol", Work in Progress, Internet-Draft, draft-ietf- | |||
| ipsecme-ikev2-intermediate-07, 3 August 2021, | ipsecme-ikev2-intermediate-10, 5 March 2022, | |||
| <https://www.ietf.org/archive/id/draft-ietf-ipsecme-ikev2- | <https://www.ietf.org/archive/id/draft-ietf-ipsecme-ikev2- | |||
| intermediate-07.txt>. | intermediate-10.txt>. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC7296] Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., and T. | [RFC7296] Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., and T. | |||
| Kivinen, "Internet Key Exchange Protocol Version 2 | Kivinen, "Internet Key Exchange Protocol Version 2 | |||
| (IKEv2)", STD 79, RFC 7296, DOI 10.17487/RFC7296, October | (IKEv2)", STD 79, RFC 7296, DOI 10.17487/RFC7296, October | |||
| 2014, <https://www.rfc-editor.org/info/rfc7296>. | 2014, <https://www.rfc-editor.org/info/rfc7296>. | |||
| skipping to change at page 23, line 8 ¶ | skipping to change at page 23, line 8 ¶ | |||
| 7.2. Informative References | 7.2. Informative References | |||
| [GROVER] Grover, L., "A Fast Quantum Mechanical Algorithm for | [GROVER] Grover, L., "A Fast Quantum Mechanical Algorithm for | |||
| Database Search", Proc. of the Twenty-Eighth Annual ACM | Database Search", Proc. of the Twenty-Eighth Annual ACM | |||
| Symposium on the Theory of Computing (STOC 1996), 1996. | Symposium on the Theory of Computing (STOC 1996), 1996. | |||
| [I-D.ietf-ipsecme-g-ikev2] | [I-D.ietf-ipsecme-g-ikev2] | |||
| Smyslov, V. and B. Weis, "Group Key Management using | Smyslov, V. and B. Weis, "Group Key Management using | |||
| IKEv2", Work in Progress, Internet-Draft, draft-ietf- | IKEv2", Work in Progress, Internet-Draft, draft-ietf- | |||
| ipsecme-g-ikev2-03, 11 July 2021, <https://www.ietf.org/ | ipsecme-g-ikev2-05, 18 March 2022, <https://www.ietf.org/ | |||
| internet-drafts/draft-ietf-ipsecme-g-ikev2-03.txt>. | internet-drafts/draft-ietf-ipsecme-g-ikev2-05.txt>. | |||
| [I-D.tjhai-ikev2-beyond-64k-limit] | [I-D.tjhai-ikev2-beyond-64k-limit] | |||
| Tjhai, C., Heider, T., and V. Smyslov, "Beyond 64KB Limit | Tjhai, C., Heider, T., and V. Smyslov, "Beyond 64KB Limit | |||
| of IKEv2 Payloads", Work in Progress, Internet-Draft, | of IKEv2 Payloads", Work in Progress, Internet-Draft, | |||
| draft-tjhai-ikev2-beyond-64k-limit-01, 9 July 2021, | draft-tjhai-ikev2-beyond-64k-limit-01, 9 July 2021, | |||
| <https://www.ietf.org/archive/id/draft-tjhai-ikev2-beyond- | <https://www.ietf.org/archive/id/draft-tjhai-ikev2-beyond- | |||
| 64k-limit-01.txt>. | 64k-limit-01.txt>. | |||
| [RFC4302] Kent, S., "IP Authentication Header", RFC 4302, | [RFC4302] Kent, S., "IP Authentication Header", RFC 4302, | |||
| DOI 10.17487/RFC4302, December 2005, | DOI 10.17487/RFC4302, December 2005, | |||
| End of changes. 9 change blocks. | ||||
| 12 lines changed or deleted | 12 lines changed or added | |||
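
Review bot: In Section 7.2, the updated [I-D.ietf-ipsecme-g-ikev2] entry still uses a https://www.ietf.org/internet-drafts/ URL, while the [I-D.ietf-ipsecme-ikev2-intermediate] and [I-D.tjhai-ikev2-beyond-64k-limit] entries use https://www.ietf.org/archive/id/. Consider switching it to the archive/id form so that all three Internet-Draft references are cited consistently.
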
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/