[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re: representation of IKE DH shared secret

To: ipsec@lists.tislabs.com
Subject: Re: Re: representation of IKE DH shared secret
From: jburke@cylink.com (John Burke)
Date: Thu, 22 Apr 1999 18:01:17 -0700
Sender: owner-ipsec@lists.tislabs.com

Just for the interest of all contributors:

At 03:34 PM 4/22/99 -0700, you wrote:
>On Thu, 22 Apr 1999 13:01:55 PDT you wrote
>> At 06:53 PM 4/21/99 -0700, somebody wrote:
>> >On Wed, 21 Apr 1999 01:54:47 EDT you wrote
>> >> 
>> >> For a similar case, that of the KE payload, RFC 2409 does specify the
>> >> more about the representation in section 5:
>> >> 
>> >>    The Diffie-Hellman public value passed in a KE payload, in either a
>> >>    phase 1 or phase 2 exchange, MUST be the length of the negotiated
>> >>    Diffie-Hellman group enforced, if necessary, by pre-pending the value
>> >>    with zeros.
>>   [ ... ]
>> >I'm obviously not enough of a pedant so let me try to be one. Webster
says:
>> >"encode: to convert (as a body of information) from one system of
>> >communication into another." So if the KE payload was, say, MIME then we
>> >would have an encoding. The information is not converted into another
>> >system. It's not an encoding. It's no contradiction.
>> > 
>> [ ... ]
>> >Is this a problem? We seem to have gotten a score (or so) interoperable
>> >implementations as its written but maybe that's just because a D-H
>> >secret hasn't been produced yet that began with 8 bits of zero. But
>> >somehow I doubt it.
>> 
>> I would suggest the attitude showing through in the above does not
>> contribute to the clearest specs.  As another responder (Tero Kivinen
>> <kivinen@ssh.fi>) pointed out, some implementors had to go to an
>> interoperation workshop to discover such things.  The fact that x percent
>> of twenty people guess right - when not entirely isolated - doesn't make
>> the spec clear.
>
>Nice suggestion John. But it's true. I'm not anal-retentive enough to
>write "clear". I seriously wonder how some people tie their shoes in the
>morning and walk across a street.
>
>> On the other hand there is this in the conclusion:
>
>> >The way to proceed is to write up some suggested text and send it to
>> >the list. If no one complains I'll add it to the next rev which will be
>>  [ ... ]
>
>What a completely content-free post. A "suggestion", which is no such thing
>at all, followed by an observation of something that was obvious to all.
>Way to contribute! 
>
>  Dan,
>
>

Follow-Ups:

Re: representation of IKE DH shared secret

From: Dan Harkins <dharkins@network-alchemy.com>

Prev by Date: Re: representation of IKE DH shared secret
Next by Date: Re: representation of IKE DH shared secret
Prev by thread: Re: info request...
Next by thread: Re: representation of IKE DH shared secret
Index(es):
- Main
- Thread