Re: representation of IKE DH shared secret

[jburke@cylink.com (John Burke)]

At 06:53 PM 4/21/99 -0700, somebody wrote:
>On Wed, 21 Apr 1999 01:54:47 EDT you wrote
>> 
>> For a similar case, that of the KE payload, RFC 2409 does specify the
>> more about the representation in section 5:
>> 
>>    The Diffie-Hellman public value passed in a KE payload, in either a
>>    phase 1 or phase 2 exchange, MUST be the length of the negotiated
>>    Diffie-Hellman group enforced, if necessary, by pre-pending the value
>>    with zeros.
  [ ... ]
>I'm obviously not enough of a pedant so let me try to be one. Webster says:
>"encode: to convert (as a body of information) from one system of
>communication into another." So if the KE payload was, say, MIME then we
>would have an encoding. The information is not converted into another
>system. It's not an encoding. It's no contradiction.
> 
[ ... ]
>Is this a problem? We seem to have gotten a score (or so) interoperable
>implementations as its written but maybe that's just because a D-H
>secret hasn't been produced yet that began with 8 bits of zero. But
>somehow I doubt it.

I would suggest the attitude showing through in the above does not
contribute to the clearest specs.  As another responder (Tero Kivinen
<kivinen@ssh.fi>) pointed out, some implementors had to go to an
interoperation workshop to discover such things.  The fact that x percent
of twenty people guess right - when not entirely isolated - doesn't make
the spec clear.

On the other hand there is this in the conclusion:

>The way to proceed is to write up some suggested text and send it to
>the list. If no one complains I'll add it to the next rev which will be
 [ ... ]

- John Burke
  Cylink, Sunnyvale, CA

---

• Prev by Date: Re: representation of IKE DH shared secret
• Next by Date: info request...
• Prev by thread: Re: representation of IKE DH shared secret
• Next by thread: Re: representation of IKE DH shared secret
• Index(es):
  • Main
  • Thread