Did Kenny make this statement in the context of postquantum cryptography (that is, public key algorithms that are believed to be secure even if the adversary has a quantum computer)? That would certainly be a reasonable statement (as most postquantum algorithms are fairly new, and are still being cryptographically vetted). On the other hand, this specific draft doesn't involve any postquantum algorithms; it relies only on currently accepted algorithms, and so Kenny's caution would not apply. > -----Original Message----- > From: Salz, Rich <rsalz@xxxxxxxxxx> > Sent: Wednesday, December 11, 2019 11:23 AM > To: last-call@xxxxxxxx > Cc: ipsec@xxxxxxxx; ipsecme-chairs@xxxxxxxx; david.waltermire@xxxxxxxx; > draft-ietf-ipsecme-qr-ikev2@xxxxxxxx > Subject: Re: Last Call: <draft-ietf-ipsecme-qr-ikev2-09.txt> (Postquantum > Preshared Keys for IKEv2) to Proposed Standard > > We are seeing a flurry of these kind of “post quantum protection” things. > This is premature. The co-chair of the CFRG, Kenny Paterson, said so awhile > back. > > At best, this should be EXPERIMENTAL. > > I would like to see an IESG policy that makes all drafts on this topic be > EXPERIMENTAL. > -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
