Re: [IPsec] WGLC on draft-ietf-ipsecme-safecurves?
Simon Josefsson <simon@josefsson.org> Thu, 12 November 2015 11:59 UTC
Return-Path: <simon@josefsson.org>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4144B1A6F92 for <ipsec@ietfa.amsl.com>; Thu, 12 Nov 2015 03:59:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.551
X-Spam-Level:
X-Spam-Status: No, score=-1.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_SE=0.35, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sGuTQPgBujFJ for <ipsec@ietfa.amsl.com>; Thu, 12 Nov 2015 03:59:53 -0800 (PST)
Received: from duva.sjd.se (duva.sjd.se [IPv6:2001:9b0:1:1702::100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4A9F01A6F8F for <ipsec@ietf.org>; Thu, 12 Nov 2015 03:59:52 -0800 (PST)
Received: from latte.josefsson.org ([155.4.17.2]) (authenticated bits=0) by duva.sjd.se (8.14.4/8.14.4/Debian-4) with ESMTP id tACBxa8Z021939 (version=TLSv1/SSLv3 cipher=AES128-GCM-SHA256 bits=128 verify=NOT); Thu, 12 Nov 2015 12:59:37 +0100
From: Simon Josefsson <simon@josefsson.org>
To: Yoav Nir <ynir.ietf@gmail.com>
References: <87bnaztti1.fsf@latte.josefsson.org> <24AFF548-28A6-422E-95D0-9C4AEBDC958B@gmail.com>
OpenPGP: id=54265E8C; url=http://josefsson.org/54265e8c.txt
X-Hashcash: 1:22:151112:ynir.ietf@gmail.com::DCyhbL9J0GCYEJ5J:1I8/
X-Hashcash: 1:22:151112:ipsec@ietf.org::I1GRCiPjVzRIZ+tJ:DSep
Date: Thu, 12 Nov 2015 12:59:35 +0100
In-Reply-To: <24AFF548-28A6-422E-95D0-9C4AEBDC958B@gmail.com> (Yoav Nir's message of "Thu, 12 Nov 2015 13:45:35 +0200")
Message-ID: <877flntom0.fsf@latte.josefsson.org>
User-Agent: Gnus/5.130014 (Ma Gnus v0.14) Emacs/24.4 (gnu/linux)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
X-Virus-Scanned: clamav-milter 0.98.7 at duva.sjd.se
X-Virus-Status: Clean
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipsec/jHFSvjaN_os018lysPu7BOdIJx8>
Cc: ipsec@ietf.org
Subject: Re: [IPsec] WGLC on draft-ietf-ipsecme-safecurves?
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Nov 2015 11:59:55 -0000
Yoav Nir <ynir.ietf@gmail.com> writes: >> On 12 Nov 2015, at 12:13 PM, Simon Josefsson <simon@josefsson.org> wrote: >> >> There have been no additional comment on the list, and we have had one >> positive review from an implementer [1]. Is there any reason to wait >> further with WG last calling this document? Its dependency on >> draft-irtf-cfrg-curves is in the RFC editors queue already. >> >> Thanks, >> /Simon >> >> [1] https://mailarchive.ietf.org/arch/msg/ipsec/vS1sy2ROhA6twEe7QwX1ISXtLVM > > OK, so here’s two comments: Thank you! > 1. See Ilari’s pr for RFC4492bis [2]. Do we want similar name > changes? We could use a similar change when we talk about key agreement explicitly. When talking about the curves the traditional names are fine. > 2. We make no mention of EdDSA signatures. I know they should just > work with RFC 7427, but do we want to mention them and give the OIDs? Support for EdDSA might be a completely different draft. I'm not convinced RFC 7427 plus an OID is sufficient to get EdDSA to work in an interoperable manner. Is there interest from the WG in pursuing EdDSA signing in IPSEC? If so we could add it to this draft or write a new one. /Simon > Yoav > > [2] https://github.com/tlswg/rfc4492bis/pull/16 > > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec
- [IPsec] WGLC on draft-ietf-ipsecme-safecurves? Simon Josefsson
- Re: [IPsec] WGLC on draft-ietf-ipsecme-safecurves? Yoav Nir
- Re: [IPsec] WGLC on draft-ietf-ipsecme-safecurves? Simon Josefsson