IETF-SSH archive


Re: [psg.com #460] IESG - Transport - Oakley



Jeffrey Hutzelman <jhutz%cmu.edu@localhost> writes:

> If we make "groupN" a parameter, the text changes somewhat:
> "For any N>2, if RFC2412 or its successors define Oakley group N as a
> MODP group, then diffie-hellman-groupN-FOO specifies Diffie-Hellman

As far as I'm aware, the requirement above that a group is of the
"modp" kind is unnecessary. Not that I'm planning to implement any
more fancy groups (like EC, discussed some weeks ago) anytime soon,
but SSH diffie-hellman exchange should work fine with any group where
the DH-problem is hard. For groups where it's not obvious how to
represent an element as a single bignum, the mapping from group
elements to byte strings would also have to be specified somewhere, of
course.

Anyway, I think this parameterization thing is unnecessarily
complicated. We need one more fixed group, let's just do that. If we
find that we need another fixed group in the future (e.g. if
dh-group-exchange for some reason isn't universally accepted as the
way to go, or if we want ec-groups, or whatever), then it's simple to
choose another fixed group and a suitable name for it when the need
arises.

> Actually, I don't think anyone's spoken up who _doesn't_ prefer the
> "group14" nomenclature.  But I don't think we should assign an
> alternate name to diffie-hellman-group1-sha1 -- I can see no benefit
> to having multiple names for the same thing.

Agree totally. Keep it simple.

/Niels


