
Re: Last Call: Security Architecture for the Internet Protocol to Proposed Standard



The IESG wrote:
> The IESG will also consider publication of the following
> Internet-Drafts as Informational RFCs:
[...]
>  o The OAKLEY Key Determination Protocol
>         <draft-ietf-ipsec-oakley-02.txt>

Hi,

Just a few editorial comments w.r.t. Oakley:

[1] The 2000-bit modulus recommendation for 90 bits of strength in Sec. 
2.11.1 doesn't seem to jibe with the at-least-1400-bit modulus 
recommendation for 90 bits of strength in Appendix D.

[2] In Appendix D, the clause "the size of the largest prime factor of the
modulus" should instead say something like `the size of the largest prime
factor of the group size`. The suggested phrasing mirrors the existing
language in Sec. 2.8: "The security of a modular exponentiation group 
depends on the largest prime factor of the group size."

[3] In a couple of places Appendix A says:
      "Strength of group: a 32-bit integer.  We will specify a formula
        for calculating this number (TBD)."
Presumably the "TBD" should be changed....

-- 
Lewis     http://www.cs.umass.edu/~lmccarth/
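
Comment [2] turns on the difference between the largest prime factor of the modulus and the largest prime factor of the group size. The following is an added illustration, not part of the original message or of the Oakley draft: for two prime moduli of the same bit length, the modulus-based measure is identical while the group-size measure differs sharply. The function names and the small primes are assumptions constructed for the example; they are not Oakley groups.

```python
# Added illustration: toy-sized, constructed primes only (not Oakley groups).

def prime_factors(n):
    """Return the sorted prime factors of n (trial division; toy sizes only)."""
    factors, d = [], 2
    while d * d <= n:
        while n % d == 0:
            factors.append(d)
            n //= d
        d += 1
    if n > 1:
        factors.append(n)
    return factors

def is_prime(n):
    return n > 1 and prime_factors(n) == [n]

def audit_modp_group(p):
    """Compare the two quantities from comment [2] for the group Z_p^*."""
    if p < 3 or not is_prime(p):
        raise ValueError("modulus must be an odd prime")
    group_size = p - 1                      # order of the multiplicative group
    lpf_group = prime_factors(group_size)[-1]
    return {
        "modulus_bits": p.bit_length(),
        # For a prime modulus this is always p itself, so it says nothing.
        "largest_factor_of_modulus_bits": prime_factors(p)[-1].bit_length(),
        # The quantity Sec. 2.8 says the security depends on.
        "largest_factor_of_group_size_bits": lpf_group.bit_length(),
        "safe_prime": group_size == 2 * lpf_group,
    }

def next_safe_prime(start):
    """Smallest p >= start such that p and (p - 1) / 2 are both prime."""
    p = start | 1
    while not (is_prime((p - 1) // 2) and is_prime(p)):
        p += 2
    return p

WEAK_P = 65537                          # 2**16 + 1: group size is 2**16
SAFE_P = next_safe_prime(WEAK_P + 1)    # same bit length, group size 2*q

if __name__ == "__main__":
    for label, p in (("smooth group size", WEAK_P), ("safe prime", SAFE_P)):
        print(label, p, audit_modp_group(p))
```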

