IETF Logo Mail Archive

[Hipsec] Digital Signature Algorithms

pekka.nikander@nomadiclab.com (Pekka Nikander) Wed, 13 October 2004 00:54 UTC

From: pekka.nikander@nomadiclab.com
Date: Wed, 13 Oct 2004 00:54:01 +0000
Subject: [Hipsec] Digital Signature Algorithms
In-Reply-To: <200410121858.38644.julien.laganier@sun.com>
References: <200410071521.16054.julien.laganier@sun.com> <416543F8.6040006@piuha.net> <200410121858.38644.julien.laganier@sun.com>
Message-ID: <6AA91027-1CDD-11D9-97E8-000D9331AFB0@nomadiclab.com>
X-Date: Wed Oct 13 00:54:01 2004

> So how does people feel about making both DSA and RSA mandatory in
> HIP?

I don't have any strong opinions.  IIRC, the usual IETF crypto
guidelines state that

   a) there must be at least one common MUST implement
      algorithm that is considered secure enough

   b) the algorithms must be negotiable so that if the
      currently MUST implement turns out to be insecure,
      the implementations can be easily upgraded to use
      some other, new MUST implement algorithm

Anyone care to check what the guidelines and other
documents actually say?

   draft-ietf-ipsec-ikev2-algorithms-05.txt
   draft-iab-auth-mech-03.txt
   crypto forum?

 From a robustness point of view, it would of course good to
have multiple MUST implement algorithms.  OTOH, I think
that there should also be some guidelines how to use them
so that the chances of interoperability are maintained
even in the case that one of the hosts only supports one
algorithm, e.g., due to policy reasons.

Maybe we could have DSA as MUST and RSA as SHOULD?

--Pekka

v2.23.0 | Report a Bug | By Email