Re: [IPsec] NUDGE: WG Last Call for draft-ietf-ipsecme-dh-checks

"Dan Harkins" <> Tue, 09 April 2013 20:13 UTC


  I think it looks fine and I have a nit that the authors can ignore
if they like.

  I don't like the fact that RFC 5903 does not list a specific value for
"a" in the parameter set definition and instead just says -3 in the
equation for the curve. This draft does the same sort of thing in
Section 2.3 by saying, "for groups 19, 20, 21,  a=-3, and all other
values of a, b and p for the group are listed in the RFC." Which to
me sounds like it's the same value: minus three.

  Note that RFC 5114 also defines these groups but lists the proper
(to me) value for "a". It's probably not right to just refer to RFC 5114,
especially since RFC 5903 is listed in the repository for those curves,
so my nit would be to change it to "for groups 19, 20, and 21,
a = -3 mod p, and for all other values...." just to let the reader who
might not be so familiar with the topic know that "a" is not the same
for each curve.

  This is a good draft and I'm glad it was written.



On Mon, April 8, 2013 2:46 pm, Paul Hoffman wrote:
> [[ So far, we have received only *one* review of this document, from Tero.
> If we don't receive more reviews, the document might not progress due to
> lack of interest. Please review this document within the next week and
> contribute your review to the list. ]]
> Greetings. This is the start of the WG Last Call for
> draft-ietf-ipsecme-dh-checks; the WG period will end in two weeks, on
> April 15. The current draft is available at
> Given that this will be a Standards Track document, it is important for it
> to be reviewed by as many people as possible. Possible results of
> individuals reviewing the document are:
> - "Looks fine, please publish"
> - "Looks fine, here are some comments"
> - "Has some problems, here they are"
> - Other things of that sort
> Many people on this mailing list are IPsec implementers but are mostly or
> completely silent on the mailing list. If you are one of those people,
> doing a WG Last Call review is a good way to participate usefully in the
> WG. Please strongly consider (a) reading the current draft and (b) sending
> a message to the list with your short or long review. If there are too few
> reviews on this document, we could get pushback from the IESG about the
> document.
> --Paul Hoffman
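
The distinction raised in the reply above ("a = -3 mod p" is a different field element for each of groups 19, 20 and 21), shown as an added Python example that is not part of the original thread or of the draft. It assumes the public NIST parameters for the three groups (field primes, plus b and the base point for group 19) and uses the curve equation y^2 = x^3 + ax + b mod p as the receiver-side check; the function names are hypothetical.

```python
# Added example. Constants are the public NIST parameters for these groups,
# not values quoted in the thread.

# Field primes p for IKE groups 19, 20 and 21 (256-, 384-, 521-bit ECP).
PRIMES = {
    19: 2**256 - 2**224 + 2**192 + 2**96 - 1,
    20: 2**384 - 2**128 - 2**96 + 2**32 - 1,
    21: 2**521 - 1,
}

# Group 19 coefficient b and base point G.
B_19 = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
G_19 = (
    0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,
    0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5,
)

def reduced_a(group):
    """a = -3 mod p, i.e. the field element p - 3 for that group's p."""
    return (-3) % PRIMES[group]

def on_curve(group, b, x, y, a=None):
    """Check 0 <= x, y < p and y^2 = x^3 + a*x + b (mod p)."""
    p = PRIMES[group]
    if not (0 <= x < p and 0 <= y < p):
        return False
    if a is None:
        a = reduced_a(group)
    return (y * y - (x * x * x + a * x + b)) % p == 0

def demo():
    a = {g: reduced_a(g) for g in PRIMES}
    gx, gy = G_19
    return {
        "a_bit_lengths": {g: v.bit_length() for g, v in a.items()},
        "a_all_distinct": len(set(a.values())) == len(a),
        "generator_valid": on_curve(19, B_19, gx, gy),
        # Constructed bad input: same x, y shifted by one.
        "shifted_y_valid": on_curve(19, B_19, gx, gy + 1),
        # Reusing group 20's stored "a" for group 19 rejects a valid point.
        "group20_a_valid": on_curve(19, B_19, gx, gy, a=a[20]),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```
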