IETF Logo Mail Archive

Re: [IPsec] IKE's DH groups 19-21, NIST, FIPS 140-2, etc.

"Dan Harkins" <dharkins@lounge.org> Mon, 13 July 2009 06:30 UTC

Return-Path: <dharkins@lounge.org>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 82F1A28C20B for <ipsec@core3.amsl.com>; Sun, 12 Jul 2009 23:30:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.944
X-Spam-Level:
X-Spam-Status: No, score=-4.944 tagged_above=-999 required=5 tests=[AWL=-1.279, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_MED=-4, SARE_BAYES_5x8=0.8, SARE_BAYES_6x8=0.8, SARE_BAYES_7x8=1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m5Pd41DTF+Ct for <ipsec@core3.amsl.com>; Sun, 12 Jul 2009 23:30:08 -0700 (PDT)
Received: from colo.trepanning.net (colo.trepanning.net [69.55.226.174]) by core3.amsl.com (Postfix) with ESMTP id 16EDD28C208 for <ipsec@ietf.org>; Sun, 12 Jul 2009 23:30:08 -0700 (PDT)
Received: from www.trepanning.net (localhost [127.0.0.1]) by colo.trepanning.net (Postfix) with ESMTP id 67F1510224074; Sun, 12 Jul 2009 23:30:38 -0700 (PDT)
Received: from 69.12.173.8 (SquirrelMail authenticated user dharkins@lounge.org) by www.trepanning.net with HTTP; Sun, 12 Jul 2009 23:30:38 -0700 (PDT)
Message-ID: <d40f609fa0c2863d237de7d86a8521f0.squirrel@www.trepanning.net>
In-Reply-To: <p0624083dc67ff7d430d6@[10.20.30.158]>
References: <B500CA54-010F-469F-AFA2-92AB44F71D54@stratussolutions.com> <p062408b4c672f6178fca@[10.20.30.158]> <7D42CBF1-5BEB-4EE3-93E2-754A4BC2764A@stratussolutions.com> <p062408e0c67317806446@[10.20.30.158]> <OF3AB4DB32.79E9CCEB-ON852575E9.00403C25-852575E9.0040606B@us.ibm.com> <p06240816c6751e1439fb@[10.20.30.158]> <7F9A6D26EB51614FBF9F81C0DA4CFEC8E8ABD59519@il-ex01.ad.checkpoint.com> <20090706201610.049289A4772@odin.smetech.net> <19d0f0d561d7f5968851c362136ba194.squirrel@www.trepanning.net> <p06240836c67fae970680@[10.20.30.249]> <3e17ef62ef65f207403ade498730d4ea.squirrel@www.trepanning.net> <p0624083dc67ff7d430d6@[10.20.30.158]>
Date: Sun, 12 Jul 2009 23:30:38 -0700
From: Dan Harkins <dharkins@lounge.org>
To: Paul Hoffman <paul.hoffman@vpnc.org>
User-Agent: SquirrelMail/1.4.14 [SVN]
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Cc: "ipsec@ietf.org" <ipsec@ietf.org>, Dan Harkins <dharkins@lounge.org>, defu@orion.ncsc.mil
Subject: Re: [IPsec] IKE's DH groups 19-21, NIST, FIPS 140-2, etc.
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Jul 2009 06:30:10 -0000

On Sun, July 12, 2009 1:33 pm, Paul Hoffman wrote:
>>But it still seems wrong to have two different documents defining the
>> same
>>curve differently, even if they are uncorrelated Informational RFCs.
>
> Again: RFC 5114 does not "define" those three curves. The IANA registry,
> <http://www.iana.org/assignments/ikev2-parameters>, defines them, and has
> the definition pointing to RFC 4753.

  No, the IANA registry defines a magic number one uses to refer to
the parameters of the curve which are actually defined in an RFC. And while
FFFFFFFF 00000001 00000000 00000000 00000000 FFFFFFFF FFFFFFFF FFFFFFFC
may equal -3 in this wonderful prime modulus group it causes a double- or
triple-take when implementing the group referred to by the IANA registry
that is defined in this RFC. There are 2 RFCs that define the same
parameters of group 19 differently even if mathematically they are not
different.

  And actually I think defining the curve ala RFC5114 is better since
a prime finite field is defined as [0, 1, ..., p-1] and "-3" is not in
that set.

>>  Can you elaborate on why you don't want to "ask the 4753bis authors to
>>significantly expand their document in a way that they didn't intend in
>>the original"?
>
> Yes. The current rfc4752bis, which is in IETF Last Call, has a very clear
> focus, namely to fix the error that started this thread. Asking them to
> also take on work that is unrelated to that focus is inappropriate. If
> they wanted to do that, they could have done so before IETF Last Call.

  When "Last Call" is announced it doesn't mean you can't order a drink
anymore, it means this is your last chance to order a drink before it's
too late. For I-Ds, comments post publication are "too late" and it hasn't
been published yet so it's not too late to ask the authors to change
their draft.

  Dan.

v2.29.0 | Report a Bug | By Email | System Status