Re: [IPsec] New draft on IKE Diffie-Hellman checks
Tero Kivinen <kivinen@iki.fi> Fri, 21 December 2012 10:01 UTC
Return-Path: <kivinen@iki.fi>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 14A7821F85D2 for <ipsec@ietfa.amsl.com>; Fri, 21 Dec 2012 02:01:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.516
X-Spam-Level:
X-Spam-Status: No, score=-102.516 tagged_above=-999 required=5 tests=[AWL=0.083, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SaCnq6Sp9MiB for <ipsec@ietfa.amsl.com>; Fri, 21 Dec 2012 02:01:21 -0800 (PST)
Received: from mail.kivinen.iki.fi (fireball.kivinen.iki.fi [IPv6:2001:1bc8:100d::2]) by ietfa.amsl.com (Postfix) with ESMTP id 433C521F85AE for <ipsec@ietf.org>; Fri, 21 Dec 2012 02:01:21 -0800 (PST)
Received: from fireball.kivinen.iki.fi (localhost [127.0.0.1]) by mail.kivinen.iki.fi (8.14.5/8.14.5) with ESMTP id qBLA1G9f026052 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 21 Dec 2012 12:01:16 +0200 (EET)
Received: (from kivinen@localhost) by fireball.kivinen.iki.fi (8.14.5/8.12.11) id qBLA1GgA018380; Fri, 21 Dec 2012 12:01:16 +0200 (EET)
X-Authentication-Warning: fireball.kivinen.iki.fi: kivinen set sender to kivinen@iki.fi using -f
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <20692.13164.237231.901915@fireball.kivinen.iki.fi>
Date: Fri, 21 Dec 2012 12:01:16 +0200
From: Tero Kivinen <kivinen@iki.fi>
To: Yaron Sheffer <yaronf.ietf@gmail.com>
In-Reply-To: <50D321BE.1080407@gmail.com>
References: <50C62D6A.8010709@gmail.com> <5808c090d8485cc6698829b522fade80.squirrel@www.trepanning.net> <A113ACFD9DF8B04F96395BDEACB340421E6940@xmb-rcd-x04.cisco.com> <50C9B0B5.9090600@secunet.com> <A113ACFD9DF8B04F96395BDEACB340421E71FE@xmb-rcd-x04.cisco.com> <a5622369ac2e85b8b04cefea05c832b8.squirrel@www.trepanning.net> <20691.6156.393731.420290@fireball.kivinen.iki.fi> <50D31B35.8090104@secunet.com> <50D321BE.1080407@gmail.com>
X-Mailer: VM 7.19 under Emacs 21.4.1
X-Edit-Time: 4 min
X-Total-Time: 3 min
Cc: IPsecme WG <ipsec@ietf.org>, Johannes Merkle <johannes.merkle@secunet.com>, Dan Harkins <dharkins@lounge.org>, "Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com>
Subject: Re: [IPsec] New draft on IKE Diffie-Hellman checks
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Dec 2012 10:01:22 -0000
Yaron Sheffer writes: > note that this discussion is still a bit tentative, as we are working > with Sean to add the "DH checks" draft into our charter. But anyway... > > For formal reasons, I would like to avoid a dependency from "DH Checks" > on Brainpool. So the better option is #2: have Brainpool I-Ds refer to > our I-D in their IANA Considerations. Ups, I misread the previous comment. I meant that the new brainpool etc drafts should have normative reference to the DH checks draft, not the other way around. There is no need to change the DH checks draft to include reference to the new drafts as that would lock those two drafts together, neither can go forward without the other. The brainpool draft can just write in its IANA considerations section that this document adds these groups, and these are the checks that needs to be done for them (i.e. what to put in the DH checks column etc). So I agree with Yaron about this... -- kivinen@iki.fi
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Scott Fluhrer (sfluhrer)
- [IPsec] New draft on IKE Diffie-Hellman checks Yaron Sheffer
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Hugo Krawczyk
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Scott Fluhrer (sfluhrer)
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Dan Harkins
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Yaron Sheffer
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Hugo Krawczyk
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Dan Harkins
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Dan Harkins
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Dan Brown
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Dan Harkins
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Dan Brown
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Johannes Merkle
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Scott Fluhrer (sfluhrer)
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Hilarie Orman
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Dan Harkins
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Tero Kivinen
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Johannes Merkle
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Yaron Sheffer
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Tero Kivinen
- Re: [IPsec] New draft on IKE Diffie-Hellman checks Tero Kivinen