As an additional datapoint: We (Dan McDonald and I) recently extended our IKEv1 implementation to include ECDH groups 19, 20, and 21 as well as the 5114 groups, over a cryptographic library which only makes the "x" coordinate available.
The as-specified behavior is unimplementable using the public interface to the library we have available to us. While I have not been following this list closely, I found the errata and associated discussion. This code is not yet in a publicly available build of Solaris but we've interoperated with groups 19 and 20 with a publicly available product build of one other implementation so far (worked on the first try) and wouldn't mind a little more interoperability testing before letting it escape into the wild. I believe the errata is clear and there is enough of a critical mass of implementations doing it correctly (x value only) that it's not necessary to deprecate the existing codepoints. _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
