At 1:51 PM -0800 11/19/09, Bill Sommerfeld wrote: >On Tue, 2009-11-10 at 17:15 -0500, Law, Laurie wrote: >> This Internet-Draft makes several minor changes to the suites in RFC >> 4869 and incorporates comments that have been posted to the ipsec >> mailing list. > >On reading the spec, it's not clear to me whether an IKEv1 >implementation which supports ECP-based DH (rfc4753) with preshared keys >but not ECDSA (rfc4754) is considered to usefully implement this >specification.
The text says: IKEv1 implementations MUST support pre-shared key authentication [RFC2409] for interoperability. The authentication method used with IKEv1 MUST be either pre-shared key [RFC2409] or ECDSA-256 [RFC4754]. To me, that sounds like preshared keys are just fine for IKEv1 in this profile, but I might be misunderstanding what you mean by "usefully". >As a practical matter, the ECDSA piece of this spec is likely to be the >largest and last piece built -- given a working elliptic curve codebase, >plugging ephemeral ECDH into an IKE implementation is a much smaller >problem than building ECDSA into both an IKE implementation and the PKI >client codebase, tools, and keystores it relies on. Probably true, but ECDSA is far from impossible, as the OpenSSL people have shown for a while now. --Paul Hoffman, Director --VPN Consortium _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
