Re: Proposal for new DH Groups 6, 7, and 8

[Will Price <wprice@cyphers.net>]

Sounds fine to me.  I'm far more concerned with reaching agreement on
larger primes and getting ID numbers assigned than in which primes get used.

It was also pointed out off the list that there is an existing draft for
6, 7, 8, and 9 in the EC space.  Thus, these DH primes should be 10, 11,
and 12.

So, let's move this forward.  Do you want to write those primes up as a
draft or can Dan include them in the next IKE-01 draft?



Tero Kivinen wrote:
> 
> Will Price writes:
> > I would like to propose three new DH Groups for IKE of 2048, 3072, and
> > 4096 bits.  This should adequately cover all foreseeable future needs.  I
> > have included documentation on the generation of these primes which were
> > originally generated for PGPfone, and there is an interesting story about
> > how they were generated at the end of this message.
> 
> I think those primes should be generated in the same way the primes
> currently in the IKE are generated, i.e to have format of
> [... alternate primes...]

-- 

Will Price, Director of Engineering
PGP Security, Inc.
a division of Network Associates, Inc.
Direct  (408)346-5906
Cell/VM (650)533-0399

---

Follow-Ups:

• Re: Proposal for new DH Groups 6, 7, and 8
• From: Tero Kivinen <kivinen@ssh.fi>

References:

• Proposal for new DH Groups 6, 7, and 8
• From: Will Price <wprice@cyphers.net>
• Proposal for new DH Groups 6, 7, and 8
• From: Tero Kivinen <kivinen@ssh.fi>

---

• Prev by Date: Re: Proposal for new DH Groups 6, 7, and 8
• Next by Date: Re: Proposal for new DH Groups 6, 7, and 8
• Prev by thread: Re: Proposal for new DH Groups 6, 7, and 8
• Next by thread: Re: Proposal for new DH Groups 6, 7, and 8
• Index(es):
  • Main
  • Thread