IETF Logo Mail Archive

Re: [IPsec] IKEv2 Diffie-Hellman Elliptic curve mess (RFC4753, RFC5114, RFC4869, and draft-solinas-rfc4753bis-01)

"Jerome A. Solinas" <jasolin@orion.ncsc.mil> Fri, 22 January 2010 18:48 UTC

Return-Path: <jasolin@orion.ncsc.mil>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D7A7A3A6A57 for <ipsec@core3.amsl.com>; Fri, 22 Jan 2010 10:48:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Enjim7LBxZT5 for <ipsec@core3.amsl.com>; Fri, 22 Jan 2010 10:48:23 -0800 (PST)
Received: from msux-gh1-uea02.nsa.gov (msux-gh1-uea02.nsa.gov [63.239.67.2]) by core3.amsl.com (Postfix) with ESMTP id EFCB23A6A2F for <ipsec@ietf.org>; Fri, 22 Jan 2010 10:48:22 -0800 (PST)
Received: from tarius.tycho.ncsc.mil (localhost [127.0.0.1]) by msux-gh1-uea02.nsa.gov (8.12.10/8.12.10) with ESMTP id o0MImFPU025999 for <ipsec@ietf.org>; Fri, 22 Jan 2010 18:48:15 GMT
Received: from [144.51.26.44] (moss-warsteiner [144.51.26.44]) by tarius.tycho.ncsc.mil (8.13.1/8.13.1) with ESMTP id o0MImHIA007565 for <ipsec@ietf.org>; Fri, 22 Jan 2010 13:48:18 -0500
Message-ID: <4B59F2F1.9030107@orion.ncsc.mil>
Date: Fri, 22 Jan 2010 13:48:17 -0500
From: "Jerome A. Solinas" <jasolin@orion.ncsc.mil>
User-Agent: Thunderbird 1.5.0.12 (X11/20090624)
MIME-Version: 1.0
To: ipsec@ietf.org
References: <19243.32427.247190.77844@fireball.kivinen.iki.fi> <p06240800c756c4a8ed30@[10.20.30.249]>
In-Reply-To: <p06240800c756c4a8ed30@[10.20.30.249]>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [IPsec] IKEv2 Diffie-Hellman Elliptic curve mess (RFC4753, RFC5114, RFC4869, and draft-solinas-rfc4753bis-01)
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jan 2010 18:48:24 -0000

Paul Hoffman wrote:
> First off, thank you for bringing the topic to the WG. As the Designated Expert, you are certainly allowed to make decisions without asking, so it is extra nice that you ask on decisions that might be controversial.
>
> On this particular topic, I would note that RFC 4753 is Informational RFC, not a standards-track document. Thus, I would think that desires of the authors of the RFC should have a heavier influence than the rest of us, although our input might be important inputs to them (and maybe to the Designated Expert). Maybe we should put the issue aside until we hear from them, which could be after the holiday.
>
> --Paul Hoffman, Director
>   
We would recommend keeping the same numbers (19, 20, 21) since it 
appears that all existing implementations have made the correction.  
Also, we would prefer to keep RFC4753 and RFC5114 distinct since we'd 
like to keep a separate document as a Suite B reference.  If the 
inclusion of the three ECP groups in two different standards is causing 
confusion, it might be worth thinking about removing them from the 
upcoming RFC5114 update.

-- Jerome A. Solinas, RFC4753 coauthor

v2.23.0 | Report a Bug | By Email