The IESG has approved the following document:

- 'ECP Groups for IKE and IKEv2'
  <draft-solinas-rfc4753bis-01.txt> as an Informational RFC

This document has been reviewed in the IETF but is not the product of an IETF Working Group.

The IESG contact person is Tim Polk.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-solinas-rfc4753bis-01.txt

Technical Summary

This document describes Elliptic Curve Cryptography (ECC) groups based on modular arithmetic (rather than binary arithmetic) for use in the Internet Key Exchange (IKE) and Internet Key Exchange version 2 (IKEv2) protocols. These groups were originally described in RFC 4753; this document incorporates errata submitted for RFC 4753 which changes the format of the Diffie-Hellman shared secret value.

Working Group Summary

This document was not the product of any working group. No technical issues were raised during IETF Last Call, although one reviewer requested notational changes. These changes were not implemented.

Document Quality

RFC 4753 is referenced as an optional feature in several IPv6 profiles, and is currently supported in products for specific communities of interest (e.g., US DoD). These algorithms are currently in widespread use by the broader community, but are experiencing growth in adoption.

Personnel

Tim Polk is the Responsible Area Director. Given the nature of this document (essentially incorporation of errata), the AD decided to forgo selecting a Document Shepherd.

RFC Editor Note

In the last paragraph of Section 1, please make the following substitution:

OLD

These groups were originally proposed in [RFC4753]. This document changes the format of the shared key produced by a Diffie-Hellman exchange using these groups. Section 9 provides more details of the changes from [RFC4753]. This document obsoletes RFC 4753.

NEW

These groups were originally proposed in [RFC4753]. This document changes the format of the shared key produced by a Diffie-Hellman exchange using these groups. The shared key format used in this specification appeared earlier as an erratum to RFC 4753, but some implementors of RFC 4753 were unaware of the correction and did not implement the errata. Implementations of 4753 that incorporate the errata are interoperable with implementations of this specification. However, there is a potential for interoperability problems between implementations of this specification and implementations of 4753 that did not implement the errata. These problems could be difficult to detect and analyze since both use the same code point but the secret value (which is probably not available to the trouble desk) is computed differently. Where peers are not interoperable, the initiator will never receive a response and eventually times out. Section 9 provides more details of the changes from [RFC4753]. This document obsoletes RFC 4753.