Re: New 12288 and 16384 bit groups

Trevor Perrin <trevp@trevp.net> Mon, 17 March 2003 22:25 UTC

Date: Mon, 17 Mar 2003 12:26:26 -0800
To: ipsec@lists.tislabs.com
From: Trevor Perrin <trevp@trevp.net>
Subject: Re: New 12288 and 16384 bit groups

At 11:08 AM 3/17/2003 +0200, Alan Barrett wrote:

>On Sat, 15 Mar 2003, Tero Kivinen wrote:
> > All the groups in the draft-ietf-ipsec-ike-modp-groups-05 are proven
> > to be safe primes (i.e. both the p and the (p - 1) / 2 are proven to be
> > prime). The ECPP/primo certificates can be found at
> > http://ftp.ssh.com/pub/ietf/ecpp-certificates/ (that url used to be in
> > the draft, but was removed because url's are not stable enough to be
> > used as references (that url is going to be stable :-)).
>
>Perhaps the IANA or the RFC Editor (or both) would be willing to keep
>stable copies of supporting documentation that's too large (or otherwise
>inconvenient) for inclusion in an RFC.
>
>If so, then I'd suggest keeping the "ftp.ssh.com" URL in the draft, with a
>note saying that it should be changed to an "iana.org" or "rfc-editor.org"
>URL before publication as an RFC.

And even if not, maybe the draft could have a note that the primes are 
proven to be safe primes, and that certificates do exist (and if there was 
a website with links to them, with keywords like "IKE primes" and "ECPP 
certificates", they'd turn up on Google easily enough).

Trevor