Re: [saag] Possible backdoor in RFC 5114

Jeffrey Walton <noloader@gmail.com> Thu, 06 October 2016 17:07 UTC

In-Reply-To: <37739375-AD0C-4CF2-B8B9-F61B89692135@gmail.com>
References: <CACsn0ck9u3ct3wD7xWXtDZ89Q1R6OKTQFMYuZ56_vY2ys+1=YQ@mail.gmail.com> <37739375-AD0C-4CF2-B8B9-F61B89692135@gmail.com>
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 06 Oct 2016 13:06:54 -0400
Message-ID: <CAH8yC8kVZ=2-XKdUPRw=bxwJaMJFOoNDp7oB7XcUGhTznXSoiw@mail.gmail.com>
To: Yoav Nir <ynir.ietf@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/SonOi7i-mZOv20kE5BG1kHJuvhE>
Cc: Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Possible backdoor in RFC 5114

> At minimum we should obsolete RFC 5114 in favor of primes generated in
> a verifiable manner. The fact that there already were primes for IKE
> use makes me wonder why this was even needed in the first place.
>
> RFC 5114 is an Informational document published by two employees (at the
> time) of BBN as individuals. As the boilerplate says, “it does not specify
> an Internet standard of any kind”.

They were published by the IETF, which established provenance and
provided attestation.

If the IETF is going to backpedal on 5114, then there are other
"Additional Group" documents it has published which may need to be
backpedaled too, like 3526.

(3526 is what I happened to use in the past due to the larger field
sizes; not 5114).

Jeff
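The quoted reply asks for primes "generated in a verifiable manner", and Jeff mentions RFC 3526. The script below is an added example, not part of the thread and not code from either author: it shows what checking such a derivation looks like. RFC 3526 prints each prime as 2^n - 2^(n-64) - 1 + 2^64 * ( floor(2^(n-130) * pi) + k ), so anyone can recompute the constant from the digits of pi and compare it with the hex in the RFC. The formula, the offset k = 741804 and the hex value of the 1536-bit group (IKE group 5) are copied from RFC 3526; the helper names (`arctan_inv`, `pi_fixed`, `modp_prime`, `verify_group5`) are this example's own. Standard library only.

```python
# Added example (not from the mailing-list thread): reproduce an RFC 3526 MODP
# prime from the derivation printed in the RFC and compare it with the RFC's hex
# constant. Standard library only; helper names are the example's own.
import random


def arctan_inv(x: int, scale: int) -> int:
    """arctan(1/x) * scale with integer arithmetic (Taylor series).

    Every term is truncated, so the result is off by a few units of
    'scale' per term; callers compensate with guard bits."""
    power = scale // x          # (1/x)^1 * scale
    total = power
    x2 = x * x
    n, sign = 1, -1
    while power:
        power //= x2            # (1/x)^(n+2) * scale
        n += 2
        total += sign * (power // n)
        sign = -sign
    return total


def pi_fixed(bits: int) -> int:
    """pi * 2**bits, exact in all but the lowest ~16 bits, via Machin's formula:
    pi = 16*arctan(1/5) - 4*arctan(1/239)."""
    scale = 1 << bits
    return 16 * arctan_inv(5, scale) - 4 * arctan_inv(239, scale)


def modp_prime(n_bits: int, k: int) -> int:
    """The RFC 2409 / RFC 3526 construction:

        p = 2^n - 2^(n-64) - 1 + 2^64 * ( floor(2^(n-130) * pi) + k )

    The binary expansion of pi fixes everything between the all-ones top and
    bottom 64 bits, so the only free parameter is the small offset k that the
    RFC publishes next to each group."""
    guard = 64                                   # absorbs the series' truncation error
    pi_floor = pi_fixed(n_bits - 130 + guard) >> guard
    return (1 << n_bits) - (1 << (n_bits - 64)) - 1 + (1 << 64) * (pi_floor + k)


def is_probable_prime(n: int, rounds: int = 8) -> bool:
    """Miller-Rabin; bases come from a fixed seed so the check is reproducible."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    rng = random.Random(3526)
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


# RFC 3526, section 2, "1536-bit MODP Group" (IKE group 5). The RFC states
#   p = 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 }
# and prints the value below; both the formula and the hex are copied from the RFC.
RFC3526_GROUP5_HEX = (
    "FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 "
    "29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD "
    "EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 "
    "E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED "
    "EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D "
    "C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F "
    "83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D "
    "670C354E 4ABC9804 F1746C08 CA237327 FFFFFFFF FFFFFFFF"
)


def verify_group5() -> dict:
    """Recompute group 5 from the formula and compare with the published constant."""
    published = int(RFC3526_GROUP5_HEX.replace(" ", ""), 16)
    derived = modp_prime(1536, 741804)
    return {
        "matches_formula": derived == published,
        "bit_length": published.bit_length(),
        "p_is_prime": is_probable_prime(published),
        "q_is_prime": is_probable_prime((published - 1) // 2),   # safe prime: q = (p-1)/2
    }


if __name__ == "__main__":
    for name, value in verify_group5().items():
        print(f"{name}: {value}")
```

The check passes when the recomputed value equals the published one bit for bit and both p and (p-1)/2 test as prime. The same function reproduces the other RFC 3526 groups by changing the size and the offset k printed in the RFC (for example `modp_prime(2048, 124476)` for group 14). A group whose values are published without any such derivation offers nothing to recompute, which is exactly what the request for verifiable generation in the quoted reply is about.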