[IPsec] Opsdir last call review of draft-ietf-ipsecme-eddsa-04
Joel Jaeggli <joelja@bogus.com> Wed, 29 November 2017 00:52 UTC
Return-Path: <joelja@bogus.com>
X-Original-To: ipsec@ietf.org
Delivered-To: ipsec@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 215C9128B93; Tue, 28 Nov 2017 16:52:30 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Joel Jaeggli <joelja@bogus.com>
To: ops-dir@ietf.org
Cc: ipsec@ietf.org, ietf@ietf.org, draft-ietf-ipsecme-eddsa.all@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.66.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <151191675007.8090.17913891042195155302@ietfa.amsl.com>
Date: Tue, 28 Nov 2017 16:52:30 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/GxFJT-8uuvbNXYvCqpeO0f0MIcc>
Subject: [IPsec] Opsdir last call review of draft-ietf-ipsecme-eddsa-04
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Nov 2017 00:52:30 -0000
Reviewer: Joel Jaeggli Review result: Ready I reviewed draft-ietf-ipsecme-eddsa on behalf of the opsdir during it's IETF Last call. This standards track draft introduces an importance change in the IKE negotiation in that the sender can indicate that it hash algorithms which do not require prehashing and can instead operate on arbitrary length data. It also goes on to make a more strong requirement then RFC 8032 (which is informational) that: " The pre-hashed versions of Ed25519 and Ed448 (Ed25519ph and Ed448ph respectively) MUST NOT be used in IKE." Changes to IKE negotiation require careful review, but I am satisfied that this explicit signal improves the handling of support for the edwards curves.
- [IPsec] Opsdir last call review of draft-ietf-ips… Joel Jaeggli