Re: DH KEX names an "aberration"?

To: sommerfeld%sun.com@localhost
Subject: Re: DH KEX names an "aberration"?
From: Ben Harris <bjh21%bjh21.me.uk@localhost>
Date: Fri, 11 Feb 2005 13:49:52 +0000

In article <1108055458.11303.10.camel@thunk> you write:
>here's a revision which documents the past rather than constraining the future:
>
>   Additional methods may be defined as specified in [SSH-NUMBERS]. The
>   name "diffie-hellman-group1-sha1" is used for a key exchange method
>   using an Oakley group as defined in [RFC2412].  SSH maintains its own
>   group identifier space which is logically distinct from Oakley and IKE;
>   however, for one additional group, the Working Group adopted the number
>   assigned by [RFC3526], using diffie-hellman-group14-sha1 for the name of 
>   the second defined group.  Implementations should treat these names as 
>   opaque identifiers and should not assume any relationship between the groups
>   used by SSH and the groups defined in 2412 and its successors.

That seems good to me.  Having looked at the relevant RFCs and the IANA
IPsec registry, it looks like the official reference for IPsec group 2 is
RFC 2409 rather than RFC 2412, and RFC 3526 is only vaguely a successor to
either.  Perhaps "in 2412 and its successors" should read "for IKE".

-- 
Ben Harris

Follow-Ups:
- Re: DH KEX names an "aberration"?
  - From: Chris Lonvick

References:
- RE: DH KEX names an "aberration"?
  - From: denis bider
- RE: DH KEX names an "aberration"?
  - From: Chris Lonvick
- RE: DH KEX names an "aberration"?
  - From: Bill Sommerfeld

Prev by Date: Re: DH KEX names an "aberration"?
Next by Date: Re: tcpip-forward requests and bind addresses
Previous by Thread: Re: DH KEX names an "aberration"?
Next by Thread: Re: DH KEX names an "aberration"?
Indexes:

Home | Main Index | Thread Index | Old Index