Re: [Curdle] draft-ssorce-gss-keyex-sha2-00

"Mark D. Baushke" <mdb@juniper.net> Mon, 17 April 2017 05:15 UTC

Return-Path: <mdb@juniper.net>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 64A4E129486 for <curdle@ietfa.amsl.com>; Sun, 16 Apr 2017 22:15:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.921
X-Spam-Level:
X-Spam-Status: No, score=-1.921 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=junipernetworks.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xLAflCdd-AkA for <curdle@ietfa.amsl.com>; Sun, 16 Apr 2017 22:15:27 -0700 (PDT)
Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0115.outbound.protection.outlook.com [104.47.41.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 44E6F129483 for <curdle@ietf.org>; Sun, 16 Apr 2017 22:15:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=junipernetworks.onmicrosoft.com; s=selector1-juniper-net; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=6V+fJFRCwuGxju+5J39QieFMOIcKHQG+2SESWDySjm0=; b=gMbbYHaoVZ/v/E5ZFT26iYBhD3IPKrkdKnOeIY29VWIYXbF5vYtZqvuquhvEWRDdc0xh731DgS+nMNy5Bp8o5rZV1adOaIj2GHb5smbWJfYsEKDKSVts2pzA49jjMfaxyO1zBwQK18foarhqGawwYffVDDaWvbrYSRY51awYPVU=
Received: from DM5PR05CA0022.namprd05.prod.outlook.com (10.173.226.32) by BN3PR05MB2483.namprd05.prod.outlook.com (10.167.3.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1047.6; Mon, 17 Apr 2017 05:15:25 +0000
Received: from CO1NAM05FT009.eop-nam05.prod.protection.outlook.com (2a01:111:f400:7e50::208) by DM5PR05CA0022.outlook.office365.com (2603:10b6:3:d4::32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1047.6 via Frontend Transport; Mon, 17 Apr 2017 05:15:25 +0000
Authentication-Results: spf=softfail (sender IP is 66.129.239.12) smtp.mailfrom=juniper.net; ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=fail action=none header.from=juniper.net;
Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.239.12 as permitted sender)
Received: from p-emfe01a-sac.jnpr.net (66.129.239.12) by CO1NAM05FT009.mail.protection.outlook.com (10.152.96.116) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384) id 15.1.1019.24 via Frontend Transport; Mon, 17 Apr 2017 05:15:25 +0000
Received: from p-mailhub01.juniper.net (10.160.2.17) by p-emfe01a-sac.jnpr.net (172.24.192.21) with Microsoft SMTP Server (TLS) id 14.3.123.3; Sun, 16 Apr 2017 22:15:09 -0700
Received: from eng-mail01.juniper.net (eng-mail01.juniper.net [172.17.28.114]) by p-mailhub01.juniper.net (8.14.4/8.11.3) with ESMTP id v3H5F89c027399; Sun, 16 Apr 2017 22:15:09 -0700 (envelope-from mdb@juniper.net)
Received: from eng-mail01.juniper.net (localhost [127.0.0.1]) by eng-mail01.juniper.net (Postfix) with ESMTP id 7CE4511446; Sun, 16 Apr 2017 22:15:08 -0700 (PDT)
To: Simo Sorce <simo@redhat.com>, Hubert Kario <hkario@redhat.com>
CC: <curdle@ietf.org>
From: "Mark D. Baushke" <mdb@juniper.net>
Date: Sun, 16 Apr 2017 22:15:08 -0700
Message-ID: <39113.1492406108@eng-mail01.juniper.net>
Sender: <mdb@juniper.net>
MIME-Version: 1.0
Content-Type: text/plain
X-EOPAttributedMessage: 0
X-MS-Office365-Filtering-HT: Tenant
X-Forefront-Antispam-Report: CIP:66.129.239.12; IPV:NLI; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10019020)(6009001)(39850400002)(39400400002)(39410400002)(39450400003)(39840400002)(39860400002)(2980300002)(189002)(199003)(9170700003)(6266002)(53936002)(48376002)(6392003)(50466002)(47776003)(4326008)(7846003)(2906002)(6306002)(2810700001)(105596002)(55016002)(53416004)(76506005)(106466001)(189998001)(77096006)(5660300001)(7126002)(305945005)(356003)(229853002)(230783001)(50986999)(8676002)(8936002)(86362001)(6246003)(81166006)(7696004)(38730400002)(117636001)(54356999)(42262002); DIR:OUT; SFP:1102; SCL:1; SRVR:BN3PR05MB2483; H:p-emfe01a-sac.jnpr.net; FPR:; SPF:SoftFail; MLV:sfv; MX:1; A:1; LANG:en;
X-Microsoft-Exchange-Diagnostics: 1; CO1NAM05FT009; 1:VLDRgRfQNYO5IImCYEkoIcDFc5imFRfzeZLAC6xQlFl+VxAzzNQqpTGRatd3FnkOnteC0nmgCIL2xSZtxlxJLVhjO04qo+CGoGGMXSkdqIujc968AQccyIHqvRHBx+cA/KgF88xkuhIb0aDRwJdAcN9xu4o3nH2W1KK8S0z4/ABJ4uAczH1lDyMVZf+fVQcLLrGtChrLy/vaiAdkmXcwg7fdNu3ML/S97szVWaoEK+SOIoqf+ffntCHl2Vln65JMlgfXLQZOETHUrdLdUApAacTbcBLN3i7rGMcDusey1+3Zr/bLhtBAWgeQyX2+NKS3F1id+Plpspy1pnGEDY4MNDZUfrGtk5I55vM40+Ne/MFUu8G/EM5K2AjNDQ0wv2Btl1azEh2rPPpdyshXM7QaxyUs0gGZ9i+W5R5/sCipatyffCQr/t+cfD5mUPR1yHx1INVXbuV/ZFNTXYxaczZfTHw09PHvO3PqUfHqd1dWp5cwKuxu+ECAdAYOqt578D3BeFmyYCBPNdf/KFhLZq8ZHT8mK04M8IySkWloLeG3D/PEhpgqgvDLi3u4Rin2g6W1ood6+ZZ+DmTU7hnF952udA/YSdZfAtWrBZqrfrudsnI=
X-MS-Office365-Filtering-Correlation-Id: efa3c344-1b4c-44c7-8f79-08d48550c161
X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254075)(201703131423075)(201703031133081)(201702281549075); SRVR:BN3PR05MB2483;
X-Microsoft-Exchange-Diagnostics: 1; BN3PR05MB2483; 3:Rw7se3MYKv6eUAC9lKiRe5E76+NBrrVRR34rRAZF1y7tJeboozff72G4xQFCBkDm0BYYpGSLB75BGraO0f1XwdL1FvM/O45WwEoLPkRztcTQp/qbfOkVXgJC3AFl8D9jOBKvMGdMTkH3alEZTdnavPiYH9BbPyH6GojXlJQdn93sKcHQOuRTkKrIlbQ2Rp81DK+/e8+UROLwx9dcHAEPF8GB8CTd3Fzn2upRNsTT5prRdiSXor2RWnUpQqdL3PG7to3k0N3bY+BzvamSosdUCG58y7kZjFLPA696KuzYdRFhiFw1RbQCPSW4sLL6qTEn5FgNTDltZWozbKdgJM66S9jazL4cnP0kwihg0pBnfRjMLpfOlSdOgtT5q0PXuopDnBep5EN6S1jwD9oBB5aWk9KTS6TwgQZXl7HF5MTtkAB0jjLNPs45viKwfTO3vwrhFZfkyTif976mKZuQtEQayBqDXP8U4Pd/rpzwtCLUlX19gNuo0cfpc7phhGhVkWVC
X-Microsoft-Exchange-Diagnostics: 1; BN3PR05MB2483; 25:vBsfBxQXRP/U/L07iBPYkm/O9Tmd2Eb7U2lF4L9qPAFrZRd/UIRKIjxkpLN2/T5d88AWfI297AQciJm/yVNQ8xIyeuAgVH0niSsMmBmgCWKFnI+rgZmMLPTbsHkCVX4KqUEpnDyiB9blRJTlpaNogotl8Prxw/l2n81AHcQEdhPajv8xO8wYT9wHzbx1ROYCqSv1iCJt1dma2DzxAEpVqwn5cUiHCOEDFoa6mp1S81AZEjodAMvLF8L6dMyfh7g5Impj3Itl49W0+Zctabn2yqRZjAZ5PhOqK6a5vPShW60dRjNrz3B3EawFgH+21KnuREWzxFJ7Tcd20zmXSNWlOc98bQtJl/olV6mhNZkieB0qKZ25adh6tBQNJL3X3v51Fq9j0F4a8fuuz75LANnm26/FLyu7FtyDKQSVdgTKKA7gmwrKvlFFH5C0uoXTKkh9XIO11/v1Qni8GI/VRJPPBz7QcyV0uQX1cuNH5ARPXsk=; 31:W0VdwBmChjnZTShIolHj4r9P0/qPOrGe/BYvYhdCFCYnfVWz7VdIam+ChpkBP1BCWkvb2M/QAINi0Ot5xPwrAWTW/ujHxY5ShLDmbouoKCnqrU2kdB8FvWE9VBMJXMzA8K3N8kOTCJyBOcf9V2ld4dTKjmo8gqDJ7r1sHqwiYTVrJZYaTPWsYHjxasIFqpnsjfK9TzvTpqwa82tPqKfwu+D7iVqECCLC5gBJdTjeKlmQoeaKeuFvpitEr7r3rFPl
X-Microsoft-Exchange-Diagnostics: 1; BN3PR05MB2483; 20:jjUllqnJBZh06NClaFAj+W882zlAgnKDybfCqtK8VX6NamVdB/gbPfYE0EGunE3mx2SwPl1LxWIaaVG3xQIXfL6ri15IN3MMAe1o25juxPu/bdm7Z07VbLIYkKpI2N0gEeiO0xIJphhgNKWslmWjUp6Rs+T2uOqq0xn9Ev94IzibI1Wkz3C0hcs4bgaie7k9ZQ0bd4UKjeSVZgLrE4Mh24HgC8WmxbgqJg+K9JoqPiz1btVeVLbZpcdd0q9hD993zXkH5ZNUnWjx+/IxF4CryfPuWAmfPHAfQJ5RCGwYQOOYm1rmkYpGKnJXnVtOtE2U8JSl2sYczpmGIaEP12MDDyKl7/nWXesfXuQumxZqBXBtN0jAfRb1JfPiQ9iEPXItF+zstviIvnHRdJqivLJFUg9qo16nNQ3xDAfCnVsOyvkh3zTyJdmCY08ttcX1Hr+1kAbZymTfKXnWcJmst3AwzlZ0xPteD0Cd22BYf2Dwje9fapPRC60kuzBHykdgomwr
X-Microsoft-Antispam-PRVS: <BN3PR05MB2483B9D07B15D36DC8E09A0ABF060@BN3PR05MB2483.namprd05.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:(192374486261705);
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040450)(601004)(2401047)(13024025)(13023025)(13018025)(13015025)(13017025)(5005006)(8121501046)(10201501046)(3002001)(93006095)(93003095)(6055026)(6041248)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(20161123555025)(20161123564025)(20161123560025)(6072148); SRVR:BN3PR05MB2483; BCL:0; PCL:0; RULEID:; SRVR:BN3PR05MB2483;
X-Microsoft-Exchange-Diagnostics: 1; BN3PR05MB2483; 4:1YiedWjOzMPL1Ozr/ttBNwy1ypBj/ep1wvL+ijC/FcN40yd3kny5IPUV93F+K0MBhs1hAGxsV2v6GsrIJQ0fwBC6u9j9Ar9s3jjEgNOjv+5+hHr4xt+MAj8siDrYRJFLkLhNN5qZw3N+hzD6RWC13fAQ6dzJ72r/PpnZGIfFXm8wV6OEaopQg2rbocY9Lm3zQ9af9q07Q1c/y5X/1B55cQlhQ8OGes0nog5RCicOSYljHdLapoZlf3qMW2EZnRcMx4zT5xuF3iy8sp1enx/DRCKVfTZ4Y5rlmoyD3i/Vgcg6KNHJM06cAa7EZTYyIo/N6m51l8bOLW/hXPZeqxFFg+6XDsml2x5BXSLX7hSOP2OwOhFWLu6vJsV+5gb2+d1ePX3IDhWKXutjVFt1fZtoIEkOfBdYRMUwDV9IhbJy/QL05Pgt0NjEVWCRNTettMQPCZ0ybYtcFuGWijG4dR9NLeiW/Cxrd1GOAI3fCrXjtadXGXrQRNTg3KCHxMALczbEfQrgRDBxPUvH6L6ey029H7dPxZTprbEfjBF/79BAlC0vv7sdXbfcDqgD2aBGM2wmk6IF5Uw4ibd/ESTdQKMcAbop3A3Fsnt8w5OQrKmTkNcXZFJSEGyYSmltL2cnLskFA4oteTqb5DBh/TDexnK544/nUcsYsaaHfvT3Edluh/Bcwm0YtP9uCme/27Ynl3qP8p9ZZfVfr0nE6s/lTdq4F4h+4fc1nmyLWuxKpxTAdEJv4mjaj92HNvapBrV0fn0mtkmc1J0iYMlNfCPoc5Zg+aM8gTN2dK8cJ1KX+Zdc6Wbqn28MXzCAfQAk1QoBEq/ls6uDhneOLOxmsEfm/4qR8vbOwjfZz0eQB1G5R5eQuNAht88Wp/gNo4YXyT2EGI68
X-Forefront-PRVS: 02801ACE41
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BN3PR05MB2483; 23:FYX1lmR3xjXrhGazfphJ4h9CKtg1C14jdsvwc5cNv?= =?us-ascii?Q?1QuHuE15kw/4T8tDXpb6lHVE1QBJ09l8UWYByOGilbJKjgpKW+gO8RGcMcv0?= =?us-ascii?Q?a2h/banRUQJvpv0JBVuaCuoUU5VzxduRjijoHgSyIplCZudWFqixViE2ICbI?= =?us-ascii?Q?R7K5MznzN0RgMtmBruskHo6xG1dyOyFOBAqPBgnhJSOtt/oS1P71Xq0jw+MS?= =?us-ascii?Q?yCBtRD5hg5NgeX9n0+7XB1V7zsuBHKF7Lonhr6dFZ3vus1bmEBM/zpNTWMiC?= =?us-ascii?Q?W74GzPx5YDV3hA2uY80TOiyEQ6NlqX4UtZXAsINeLzC6Sz/siC3mC467zGF2?= =?us-ascii?Q?2oH8oCzFxWYbYwq8QTbxWbkqlF3mDN5NYIcSJ2SK0nFlq4ifV+AyCWar3Lly?= =?us-ascii?Q?wxPqfelxN+AqmJ2BjwAPRPEWf8dqE3NgC0+vGaX7ePWmav0Hw/gUhZo5RbRA?= =?us-ascii?Q?D1Qv6Jcpy3Xf4a92kWVR3iSgrKZ/Y+qE2FSt72IXRjV9vGESDzWmtA18kMkz?= =?us-ascii?Q?d78LhEkxQhEBSizulCjHzlBWOI2Wkae3YboJj1l/i5qUbzQJtuMOwPSk90Pt?= =?us-ascii?Q?SSa7Whclos5+AnCxgYO2NrFUJ8OCF13Ziiwtmh//fIyAOVgoFqyKxzxoCt0+?= =?us-ascii?Q?NNopOYW3WvM3I7QlA4dvTxRymp5R77QBaP7FQzetbJrY1IG5w4IuUol90OGO?= =?us-ascii?Q?w1YCYvvEnR/jITw0qpqvgYliGsaTdO5lGQeAZW82LG1chMLks07Y/STaFNiW?= =?us-ascii?Q?SZN8gjY0s4f5fbroYX8iGpbLgJiufhILI8Qy9CL06xThdgeXLUUjitHR6Mwl?= =?us-ascii?Q?EZJIT8jAyb2rwIHlA+BGL0t/hkGj/oSLB30sXaMbsuGwVsFspOOvObtRhKOT?= =?us-ascii?Q?KxNu7DwiA144fj6UroIP+9AlMkOCjDl8XzunvPWUfy2jZT4lNh8JTUqKklRA?= =?us-ascii?Q?boQBoig+V5D+TebJoYVkUFG4Pct8g0shgkzEMXx6wC3pujf538PrUhU2qSh6?= =?us-ascii?Q?Ql0tCxcFTITyt9vBVH+4cISO0sFjOE/Z2i7vIE6AtBdIImWmbxX1kyymG9iO?= =?us-ascii?Q?ZFXx2S9OdJmmtwxeQv0oAahj0L6J7jFN2K30WwwOk4Xamf9o7R1WG5ccmUHl?= =?us-ascii?Q?WpiATQDi7KlR/kHgDzIK71gu4T3m1T/?=
X-Microsoft-Exchange-Diagnostics: 1; BN3PR05MB2483; 6:WKSn8NCJvhLSRY13FTg0sj8VKhj2B3sfppka4gx6HzAnSQMwk6gRaD00ZZqdOvzXCuaT5oCeWGd5EZhCTS7biAdiMV67EgyrVRUXJmqoG76Ue2ZMHT0Hq9uUzXA3y4d3339FJXbag2R2anLUialujZSfDcKeDsRcnJetkGNLy0BQxETY94ErhAVqk6iACoFUts1TlmxQ7KESUDICjjrJ2/aCluxK0u2Rphy4dFsxryMUGHGGgru4RzEUrbIZT3TjIrgBe7KQWQvdr8jsM/OsPMlDuEQ8bdpKSrYn5ZU9WBNV//88bHWpc2dRDlFeiTsxJ0tBOGVKlJLWUmPDcPHULCJJ3gMZLu1qGY8Q9iaYFKJ+GpqTe+dWkbk18bwhVbnaX288ZIhS3fBDv7fXLnmzolq5lTPL37gim3CwuIm654gT7k+E0/8bSVvLpQPuWUDo2bta6k1Fk/+SuXJ2+3YRJuW4s1yLHDDQPgHNF/cdey4=; 5:ZF9023JsTy59f+1DXgBi/udPwSc8+In6WNU4/IobYlk1WAUAK7TTD86eckN0547TAKi6UjguD7bpZel9b51HsgRVZ39OtmguXTOTSBUa1jSW6JMCpXM0X2Dugja2it2qOM/lNHkalYCuW7Mwar4k0g==; 24:5v1LIoYAm3AMSUIMBG7wd1jmSTQneQWA/q6+5oSzTKy6dLu0XdzVuBw6kFGo7ReQlcwJmZUwS5wUjB1egP+GvCMJHhbwKdCfzyyrLDrOSVc=
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1; BN3PR05MB2483; 7:BCrxgFXJaoV5gg5idL91GlDgQ8EVMxWxHkKe7KCMJcWmLcRAjEGvSCAq1rA0MHSO5R6j7XyU9elLWX9p4q3ooegCtJRXVJE2PaJTpwx4HJwX2jy9PZyJMX1fdk9V5GP0gGA8tVlDAthXaAtIj22m8zeBq8oZH1z8OK2iJCS0aFCQawPw5yFjGH3xqhH0HKXXttkLxPMkXh4ZFnaa7h86MfL8U2QedYOQJDYBCsr7qVhbH3gkZaq1p/r5FqZjjLQryCwGQ4oaBYM9eSovXYy9XBI88GP5+9UV+kAlplKPYZ/H69wNHiQB4c7CCbLgIc6lO4TP+UwB5mRjdSV5C0Qbjg==
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Apr 2017 05:15:25.1613 (UTC)
X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.239.12]; Helo=[p-emfe01a-sac.jnpr.net]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN3PR05MB2483
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/DHaXn85tAA4WAvYUYiHtVwCiHcA>
Subject: Re: [Curdle] draft-ssorce-gss-keyex-sha2-00
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Apr 2017 05:15:29 -0000

Hi Simo & Hubert,

Regarding your draft:
https://www.ietf.org/id/draft-ssorce-gss-keyex-sha2-00.txt

The reference to the -05 I-D.ietf-curdle-ssh-kex-sha2 should probably be
replaced with a reference to draft-ietf-curdle-ssh-modp-dh-sha2-04

Likewise, I-D.draft-ietf-curdle-ssh-curves-00.xml should become
I-D.draft-ietf-curdle-ssh-curves-04.xml for now.

I am somewhat curious why the same curves identified in RFC5656 as
nistp256, nistp384, and nistp521 are being called secp256r1, secp384r1,
secp521r1 in your draft in section 6. Is there a good reason to select
this form of the names?

I will note that gss-secp384r1-sha512-* should probably be
gss-secp384r1-sha384-* to be consistent with how RFC5656
felt security should be handled.

I do know that there is some controversy about supporting SHA2-384
rather than SHA2-256 and SHA2-512, but it has been argued that SHA2-384
does not expose as much of its internal state as does SH2-512 and that
it aligns more closely with the nistp384 curve.

	-- Mark