Reviewer: Joel Jaeggli Review result: Ready I reviewed draft-ietf-ipsecme-eddsa on behalf of the opsdir during it's IETF Last call. This standards track draft introduces an importance change in the IKE negotiation in that the sender can indicate that it hash algorithms which do not require prehashing and can instead operate on arbitrary length data. It also goes on to make a more strong requirement then RFC 8032 (which is informational) that: " The pre-hashed versions of Ed25519 and Ed448 (Ed25519ph and Ed448ph respectively) MUST NOT be used in IKE." Changes to IKE negotiation require careful review, but I am satisfied that this explicit signal improves the handling of support for the edwards curves.