Re: Last Call: Security Architecture for the Internet Protocol to Proposed Standard
The IESG wrote:
> The IESG will also consider publication of the following
> Internet-Drafts as Informational RFCs:
[...]
> o The OAKLEY Key Determination Protocol
> <draft-ietf-ipsec-oakley-02.txt>
Hi,
Just a few editorial comments w.r.t. Oakley:
[1] The 2000-bit modulus recommendation for 90 bits of strength in Sec.
2.11.1 doesn't seem to jibe with the at-least-1400-bit modulus
recommendation for 90 bits of strength in Appendix D.
[2] In Appendix D, the clause "the size of the largest prime factor of the
modulus" should instead say something like `the size of the largest prime
factor of the group size`. The suggested phrasing mirrors the existing
language in Sec. 2.8: "The security of a modular exponentiation group
depends on the largest prime factor of the group size."
[3] In a couple of places Appendix A says:
"Strength of group: a 32-bit integer. We will specify a formula
for calculating this number (TBD)."
Presumably the "TBD" should be changed....
--
Lewis http://www.cs.umass.edu/~lmccarth/
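
Comment [2] above, illustrated with an added example (not part of the original message or of the Oakley draft): for a prime modulus p, the largest prime factor of the modulus is always p itself, so only the largest prime factor of the group size p-1 distinguishes one group from another. The two toy moduli are constructed for illustration and the function names are hypothetical.

```python
# Added illustration. The moduli below are constructed toy values,
# far too small for real use; they only make the factorisations visible.

def prime_factors(n):
    """Return the prime factorisation of n as {prime: exponent} (trial division)."""
    factors = {}
    d = 2
    while d * d <= n:
        while n % d == 0:
            factors[d] = factors.get(d, 0) + 1
            n //= d
        d += 1 if d == 2 else 2  # after 2, try odd candidates only
    if n > 1:
        factors[n] = factors.get(n, 0) + 1
    return factors


def is_prime(n):
    return n > 1 and prime_factors(n) == {n: 1}


def group_report(p):
    """Compare the modulus with the largest prime factor of the group size p-1."""
    if not is_prime(p):
        raise ValueError("modulus must be prime")
    group_size = p - 1  # size of the multiplicative group modulo p
    largest = max(prime_factors(group_size))
    return {
        "modulus_bits": p.bit_length(),
        "largest_factor_of_modulus": max(prime_factors(p)),  # always p
        "group_size_factors": prime_factors(group_size),
        "largest_factor_of_group_size": largest,
        "largest_factor_bits": largest.bit_length(),
    }


# Two 11-bit prime moduli with very different group sizes (constructed samples).
SAMPLES = {
    "2039 (p-1 = 2 * 1019)": 2039,
    "1153 (p-1 = 2^7 * 3^2)": 1153,
}

if __name__ == "__main__":
    for label, p in SAMPLES.items():
        r = group_report(p)
        print(f"{label}: modulus {r['modulus_bits']} bits, "
              f"largest prime factor of group size "
              f"{r['largest_factor_of_group_size']} "
              f"({r['largest_factor_bits']} bits)")
```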