Re: [IPsec] IKEv2 Diffie-Hellman Elliptic curve mess (RFC4753, RFC5114, RFC4869, and draft-solinas-rfc4753bis-01)

Tero Kivinen <kivinen@iki.fi> Mon, 25 January 2010 09:18 UTC

Jerome A. Solinas writes:
> We would recommend keeping the same numbers (19, 20, 21) since it 
> appears that all existing implementations have made the correction.

Not true.

For example our QuickSec OEM IPsec toolkit did originally use only X,
but then some vendor complained that RFC4753 uses both X and Y so we
"fixed" our toolkit to use both. All versions shipped between 2007 and
the end of 2009 use both X and Y, and only the latest version uses only
X.

Yes, this will mean that our latest version is not compatible with our
old versions, so most likely that will cause the connections to time out
when ECP groups are used, thus most likely users will then just notice
that "Do not use ECP, it does not work".

And note, that we only modified our code when some OTHER vendor told
us that RFC4753 uses both X and Y.

So we were not the only implementation out there which followed
the original RFC4753.

Also, as our customers have quite long product cycles, usually meaning
that the release we make now will most likely get into the products
only after a year or two, and when we provide fixes for old versions for
them, they might or might not make it into their actual products, that is
not something we can tell. Usually it takes a long time to get them into
their products, which means the QuickSec toolkit based implementations
using X and Y are going to be out there for a long time...
-- 
kivinen@iki.fi