Hi Yaron, On Fri, July 29, 2011 2:47 pm, Yaron Sheffer wrote: > Hi Dan, > > there are three drafts on the table, and they are NOT identical. Crypto > protocols, as you know well, are a mixture of cryptography and > engineering. While the engineering on all three is very similar, the > cryptography is not.
I didn't say the cryptography was identical, nor did I say the drafts are identical (if they were then this "controversy" would be even more contrived!). What I meant was that if your original opposition to my draft was technical (or non-political, as you say) then we would've seen some demonstrable technical difference in 1 of the 3 new drafts. We didn't. They all do a zero knowledge proof in about the same number of rounds (adding one to IKE_AUTH) with about the same amount of work (+- a modular exponentiation). They all achieve the same goal in approximately the same amount of messages with approximately the same amount of work. If there was a obvious demonstrable technical difference between the drafts then the WG would've picked a winner or the AD would've picked a winner or his designated expert would've picked a winner. But we have no winner so, as I said, they are "effectively _identical_ from a technical point of view." So there wasn't a technical reason for you to do what you did. We could've had a standards track solution to this work item if you had just treated my draft in the same way you treated your own. But no. We have 3 drafts, an implementation problem, and now your opposition to a draft to lessen that problem as much as possible. > I do not wish to offend, but I believe cryptography is better left to > professional cryptographers. I am not a cryptographer; the primary > author of draft-kuegler-ipsecme-pace-ikev2 is. I'm not offended because I'm not a cryptographer and have never said otherwise. But neither are any of the editors of the IKEv2 draft and I don't remember your opposition to the advancement of that draft to RFC. Dan. _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
