smyslov / g-ikev2 Goto Github PK
View Code? Open in Web Editor NEWdraft-ietf-ipsecme-g-ikev2 (Group Key Management using IKEv2)
g-ikev2's People
Contributors
Watchers
g-ikev2's Issues
Clarify using SID
Current text is wrong
Is explicit Shared Key authentication ever needed?
Remove it.
Clarify KEK and TEK over the document
USE_TRANSPORT_MODE vs new notify
Do we need to update USE_TRANSPORT_MODE for multicast use or allocate a new notify?
Proposal numbers interpretation in SAg payload
Text should be added to clarify how to interpret Proposal Number field in SAg payload.
PPK and G-IKEv2
Do we want to make G-IKEv2 SA secure against QC from the very beginning? Currently only confidentiality of the keys is preserved, but not their authenticity (integrity). We may want to add ICV to Wrapped Key structure or to the whole KD payload.
Using ESN needs clarification
Since replay protection isn't used there is no point to specify ESN transform in GSA payload.
Rename those SK_e and SK_a to those GSK_e and GSK_a
Add terminology section
Key wrapping format
Currently a key wrapping format assumes that there is no ICV field (because the whole IKE message is authenticated, and integrity protected) and the format provides only confidentiality. This appeasr to be a problem when AEAD algorithms are in use - existing APIs require ICV to be present on decryption.
As a possible solution we can switch format resembling the Encrypted payload. The penalty would be that each wrapped key will have its own ICV, thus making messages bigger (especially with LKH).
Member Packet in GIKE_REKEY
The text at the end of 1.4.5.1 contradicts to the text in 3.5.3 and is a left-over from previous version of the document, but 3.5.3 is wrong too, since Member Packet can be sent in multicast rekey...
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.