Re: [psg.com #460] IESG - Transport - Oakley - new proposal

To: Chris Lonvick <clonvick%cisco.com@localhost>
Subject: Re: [psg.com #460] IESG - Transport - Oakley - new proposal
From: nisse%lysator.liu.se@localhost (Niels Möller)
Date: 22 Jun 2004 11:39:07 +0200

Chris Lonvick <clonvick%cisco.com@localhost> writes:

> [TRANSPORT] - revise section 6.5
> 
> 6.5  Key Exchange Methods

[...]

>    repeated. Any future specifications of Diffie Hellman key exchange
>    using Oakley groups defined in [RFC2412] or its successors should be
>    named using the group numbers assigned by IANA, and names of the form
>    "diffie-hellman-groupN-sha1" should be reserved for this purpose.
                                  ^^^^^^^^^^^^^^^^^^

I'd say "are reserved for this purpose", if such text can go in this
document (rather than the numbers document). No need to be vague about
the reservation. 

> [TRANSPORT] - revise section 8.1

Ok.

> [TRANSPORT] - add section 8.2

Ok.


> 8.2 diffie-hellman-group14-sha1

Ok.

> [NUMBERS] - Add a line in the current Section 4.3

Ok.

> [ARCHITECTURE]  modify 9.2.7 (Security Considerations for TRANS)
> Section 9.2.7 discusses Forward Secrecy and PFS, and it specifically
> names diffie-hellman-group1-sha1. I'd like to reference both defined
> key exchange methods in this section.

Ok.

> [ARCHITECTURE]  new section 9.2.8 (Security Considerations for TRANS)

[...]

> The proposed new section in [ARCH] will say:
> 
>    As stated in Section 7.1 of [TRANS], each device will send a list of
>    preferred methods for key exchange.  The most-preferred method is the
>    first in the list.  Implementations are free to determine their default
>    preferences based upon relative cryptographic security, performance
>    or other criteria.  If only the two methods defined in Section 8 of
>    [TRANS] are are implemented, it is RECOMMENDED that
>    diffie-hellman-group14-sha1 be listed before
>    diffie-hellman-group1-sha1 in the kex list.

I can accept this writing, but I would still prefer that it either be
deleted, or be generalized to something like "if an implementation
doesn't have any other reason to preferring one algorithm over the
other, it's recommended to sort the algorithms by cryptographic
strength, strongest first", which applies to all algorithm lists, not
just the key exchange method.

Regards,
/Niels

Follow-Ups:
- Re: [psg.com #460] IESG - Transport - Oakley - new proposal
  - From: Chris Lonvick

References:
- [psg.com #460] IESG - Transport - Oakley - new proposal
  - From: Chris Lonvick

Prev by Date: Re: [psg.com #460] IESG - Transport - Oakley - new proposal
Next by Date: Re: [psg.com #460] IESG - Transport - Oakley - new proposal
Previous by Thread: Re: [psg.com #460] IESG - Transport - Oakley - new proposal
Next by Thread: Re: [psg.com #460] IESG - Transport - Oakley - new proposal
Indexes:

Home | Main Index | Thread Index | Old Index