Curve25519 and Curve448 for the Internet Key Exchange Protocol Version 2 (IKEv2) Key Agreement
Note: This ballot was opened for revision 04 and is now closed.
(Stephen Farrell) Yes
- Wouldn't it be good to encourage minimising re-use of public values for multiple key exchanges? As-is, the text sort-of encourages use for "many key exchanges" in section 4. - Sorry if I'm forgetting how we handle this in IPsec, but is an implementation of this RFC expected to support both curves? I think it'd be ok to say that 25519 is a MUST for folks doing, this but that 448 is optional. I'm also fine if we mean that implementing this means you have to support both btw but you don't say (here) that that's the case.