Re: [TLS] Short Ephemeral Diffie-Hellman keys

Russ Housley <housley@vigilsec.com> Tue, 15 May 2007 22:00 UTC

Date: Tue, 15 May 2007 17:54:27 -0400
To: Bodo Moeller <bmoeller@acm.org>
From: Russ Housley <housley@vigilsec.com>
Subject: Re: [TLS] Short Ephemeral Diffie-Hellman keys
Cc: tls@lists.ietf.org

Bodo:

> >> Speaking of which what do people think about including the sub prime
> >> value (aka "q") as an optional value in DH parameters in a TLS 1.2
> >> handshake?
>
>Yes, this definitely should be done!

RFC 2412 does not seem to use "q" this way.  Does anyone ever use
Oakley groups with TLS?  If so, then you probably need some more
general way to indicate the size of the subgroup.

Russ 

