NIST standards are mandatory for a subset of US citizens. But enough of businesses outside the US pay attention to what NIST says to make adding the reference relevant and useful.
On Dec 25, 2019, at 01:52, Valery Smyslov <svan@xxxxxxxx> wrote:_______________________________________________Hi Watson,
thank you for spending your time on this review in Christmas Eve.
The capitalization issue has been already noticed and fixed.
I’m not sure the draft should mention NIST levels, because
they are relevant mostly for US customers. I think that
generic recommendations on key sizes are more appropriate
for this document.
Regards,
Valery.
Damn misclick. I meant With Nits.
On Tue, Dec 24, 2019 at 8:02 PM Watson Ladd via Datatracker <noreply@xxxxxxxx> wrote:
Reviewer: Watson Ladd
Review result: Not Ready
Twas the night before Christmas
when all through the house
someone was desperately trying to get a review done on time.
I didn't see anything wrong per se in the draft itself, but I found the
capitalization of quantum computer an odd choice. IKEv2 is a complicated
protocol, and I am not 100% sure that this draft does what we want it to: It
would be great if someone could check very carefully in some symbolic model,
ala what has been done in TLS. The guidance on sizes seems to rule out NIST
level 1, but not any higher levels: might be worth calling out this explicitly.
_______________________________________________
secdir mailing list
secdir@xxxxxxxx
https://www.ietf.org/mailman/listinfo/secdir
wiki: http://tools.ietf.org/area/sec/trac/wiki/SecDirReview
--"Man is born free, but everywhere he is in chains".
--Rousseau.
secdir mailing list
secdir@xxxxxxxx
https://www.ietf.org/mailman/listinfo/secdir
wiki: http://tools.ietf.org/area/sec/trac/wiki/SecDirReview
--
--Rousseau..
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
