Ben Laurie writes: > Jack Lloyd wrote: > > Check RFC 2412, draft-ietf-ipsec-ikev2-05.txt, and > > draft-ietf-ipsec-ike-modp-groups-05.txt > > However, I don't seen any primality proof certificates included in the > > texts.
I considered adding the ecpp certificates to draft-ietf-ipsec-ike-modp-groups document, but as the certificates are several magabytes in total, there is no point of adding them to this kind of document (the document would be several hundred pages long consisting only numbers...). > RFC 2412 looks good, however, as you say, no certificates are included, > nor is it made clear that (p-1)/2 has been proven. > I-Ds are less useful to me, since I can't give a long-term reference for > them :-( The draft-ietf-ipsec-ike-modp-groups used to have pointer to the ftp site having the certificates (ftp://ftp.ssh.fi/pub/ietf/ecpp-certificates), but that was removed during the IESG review, because url references are not stable enough in general (the ftp://ftp.ssh.fi/pub/ietf/ecpp-certificates site is supposed to be there forever). That site also includes certificates of modp groups from the RFC 2412 (and (p-1)/2 also). I actually just finished finding the 16384 bit Diffie-Helman group with same kind of parameters. It took about 9.5 months to generate. The 12288 bit group took only about 15 days to generate. Proving them will propably take even longer than generating them... -- [EMAIL PROTECTED] SSH Communications Security http://www.ssh.fi/ SSH IPSEC Toolkit http://www.ssh.fi/ipsec/ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]