IETF-SSH archive
DH KEX names an "aberration"?
In preparing a response to a message on another list, I went back to the
current transport draft to check on what the outcome was of the DH key
exchange group naming debate. I found the following text:

    Note that, for historical reasons, the name
    "diffie-hellman-group1-sha1" is used for a key exchange method using
    an Oakley group as defined in [RFC2412]. Subsequently, the Working
    Group attempted to follow the numbering scheme of group numbers from
    [RFC3526] with diffie-hellman-group14-sha1 for the name of the second
    defined name. This is considered an aberration and should not be
    repeated. Any future specifications of Diffie-Hellman key exchange
    using Oakley groups defined in [RFC2412] or its successors should be
    performed with care and a bit of research.

Now, I remember arguing that we should name these things based on the group
numbers assigned in RFC2412 and its successors, and that "group1" was an
aberration. And, I remember other people arguing that we should treat
"group1" as existing practice to be followed, and assign our own names
independent of those assigned in RFC2412.

The text above implies that we chose to follow the existing numbering
scheme and use "group14", but also that we consider _that_ an
"aberration" and something to be avoided in the future. That just doesn't
make any sense to me -- if we decided we should use our own naming scheme,
why use "group14" at all? And if we decided not to use our own naming
scheme, why does the document essentially say that was a bad decision?

Also, while I don't disagree with the last sentence in principle, it seems
to be implying that the current work was not "performed with care and a bit
of research". Given the amount of debate and, yes, research that went into
that decision, that seems inappropriate here.

What happened here?

-- Jeff