Re: [IPsec] RFC 7427 on Signature Authentication in the Internet Key Exchange Version 2 (IKEv2)

Yaron Sheffer <yaronf.ietf@gmail.com> Wed, 07 January 2015 08:40 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/ipsec/klBiyaQmKTdlbIRSGAC9M6bomVM

This is an important addition to IKEv2. Thank you Tero and Joel, and the 
other members of the design team: Dan Harkins, Johannes Merkle, David 
McGrew and Yoav Nir.

	Paul and Yaron

On 01/07/2015 03:56 AM, rfc-editor@rfc-editor.org wrote:
> A new Request for Comments is now available in online RFC libraries.
>
>
>          RFC 7427
>
>          Title:      Signature Authentication in the Internet
>                      Key Exchange Version 2 (IKEv2)
>          Author:     T. Kivinen, J. Snyder
>          Status:     Standards Track
>          Stream:     IETF
>          Date:       January 2015
>          Mailbox:    kivinen@iki.fi,
>                      jms@opus1.com
>          Pages:      18
>          Characters: 39041
>          Updates:    RFC 7296
>
>          I-D Tag:    draft-kivinen-ipsecme-signature-auth-07.txt
>
>          URL:        https://www.rfc-editor.org/info/rfc7427
>
> The Internet Key Exchange Version 2 (IKEv2) protocol has limited
> support for the Elliptic Curve Digital Signature Algorithm (ECDSA).
> The current version only includes support for three Elliptic Curve
> groups, and there is a fixed hash algorithm tied to each group.  This
> document generalizes IKEv2 signature support to allow any signature
> method supported by PKIX and also adds signature hash algorithm
> negotiation.  This is a generic mechanism and is not limited to
> ECDSA; it can also be used with other signature algorithms.
>
> This document is a product of the IP Security Maintenance and Extensions Working Group of the IETF.
>
> This is now a Proposed Standard.
>
> STANDARDS TRACK: This document specifies an Internet Standards Track
> protocol for the Internet community, and requests discussion and suggestions
> for improvements.  Please refer to the current edition of the Official
> Internet Protocol Standards (https://www.rfc-editor.org/standards) for the
> standardization state and status of this protocol.  Distribution of this
> memo is unlimited.
>
> This announcement is sent to the IETF-Announce and rfc-dist lists.
> To subscribe or unsubscribe, see
>    https://www.ietf.org/mailman/listinfo/ietf-announce
>    https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
>
> For searching the RFC series, see https://www.rfc-editor.org/search
> For downloading RFCs, see https://www.rfc-editor.org/rfc.html
>
> Requests for special distribution should be addressed to either the
> author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
> specifically noted otherwise on the RFC itself, all RFCs are for
> unlimited distribution.
>
>
> The RFC Editor Team
> Association Management Solutions, LLC
>
>