During the draft-ietf-lwig-ikev2-minimal Stephen pointed out that in
my draft I have copied requirements from RFC 7296:
----------------------------------------------------------------------
...
For an implementation to be called conforming to this specification,
it MUST be possible to configure it to accept the following:
o Public Key Infrastructure using X.509 (PKIX) Certificates
containing and signed by RSA keys of size 1024 or 2048 bits, where
the ID passed is any of ID_KEY_ID, ID_FQDN, ID_RFC822_ADDR, or
ID_DER_ASN1_DN.
...
----------------------------------------------------------------------
And he pointed out that this asks for the mandatory-to-implement key
size for RSA to be 1024 or 2048 bits.
It is not up to the ikev2-minimal to change these, but RFC4307bis is a
different thing.
I.e., should we also modify this while updating RFC 4307? We could
add a section about the mandatory-to-implement authentication methods
and specify which methods are to be used, for example require RSA key
lengths of 2048 bits, and perhaps say that implementations SHOULD
support RSA key lengths up to 4096 bits.
For the elliptic curves we might want to say something about the
signature authentication method (RFC 7427), as that supports generic
elliptic curves, not only the NIST ones. Also, should we say something
about RSASSA-PKCS1-v1_5 vs. RSASSA-PSS?
--
[email protected]
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
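As an added illustration of the questions raised in the mail (example code written for this page, not code from the mail, from RFC 7427 or from any IKEv2 implementation): the RFC 7427 Digital Signature authentication method puts a one-octet length, a DER AlgorithmIdentifier and the raw signature value into the Authentication Data, so a responder can see which scheme and hash the peer used before it verifies anything, and can apply a configurable policy of the kind RFC4307bis would be specifying. The policy defaults below (2048-bit RSA floor, 4096-bit ceiling, SHA-2 only, PKCS#1 v1.5 switchable off in favour of RSASSA-PSS) are assumptions modelled on the proposal in the mail, not requirements from any RFC; the OIDs are the standard PKCS#1, RFC 4055 and X9.62 ones, and the sample authentication data is constructed, with placeholder bytes where a real signature would be.

```python
"""RFC 7427 Digital Signature auth data: build, parse and policy-check the AlgorithmIdentifier prefix."""
OID_SHA256, OID_MGF1, OID_RSASSA_PSS = "2.16.840.1.101.3.4.2.1", "1.2.840.113549.1.1.8", "1.2.840.113549.1.1.10"
HASH_NAMES = {"1.3.14.3.2.26": "sha1", OID_SHA256: "sha256", "2.16.840.1.101.3.4.2.2": "sha384"}
SCHEMES = {  # signature-algorithm OID -> (scheme, hash); RSASSA-PSS names its hash in the parameters
    "1.2.840.113549.1.1.5": ("RSASSA-PKCS1-v1_5", "sha1"),
    "1.2.840.113549.1.1.11": ("RSASSA-PKCS1-v1_5", "sha256"),
    OID_RSASSA_PSS: ("RSASSA-PSS", None),
    "1.2.840.10045.4.3.2": ("ECDSA", "sha256")}

def der(tag: int, body: bytes) -> bytes:
    if len(body) >= 0x80:  # short-form length covers every element of an IKEv2 AlgorithmIdentifier
        raise ValueError("element too long for short-form DER length")
    return bytes([tag, len(body)]) + body

def der_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:  # remaining arcs as big-endian base-128 groups, high bit set on all but the last
        n = max(1, (arc.bit_length() + 6) // 7)
        out += bytes((0x80 if i else 0) | (arc >> (7 * i)) & 0x7F for i in reversed(range(n)))
    return der(0x06, bytes(out))

def read_tlv(buf: bytes, off: int = 0):
    """One DER TLV -> (tag, body, offset just past it); long-form lengths are accepted."""
    if off + 2 > len(buf):
        raise ValueError("truncated DER element")
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:
        n = length & 0x7F
        length, off = int.from_bytes(buf[off:off + n], "big"), off + n
    body = buf[off:off + length]
    if len(body) != length:
        raise ValueError("truncated DER element")
    return tag, body, off + length

def decode_oid(body: bytes) -> str:
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, val = arcs + [val], 0
    return ".".join(map(str, arcs))

def algorithm_identifier(oid: str, params: bytes = b"\x05\x00") -> bytes:
    return der(0x30, der_oid(oid) + params)

def rsassa_pss_params(hash_oid: str, salt_len: int) -> bytes:
    """RFC 4055 RSASSA-PSS-params with explicit hash, MGF1 and saltLength; trailerField keeps its DEFAULT, so DER omits it."""
    hash_alg = algorithm_identifier(hash_oid)
    return der(0x30, der(0xA0, hash_alg) + der(0xA1, algorithm_identifier(OID_MGF1, hash_alg))
               + der(0xA2, der(0x02, bytes([salt_len]))))

def build_auth_data(alg_id: bytes, signature: bytes) -> bytes:  # RFC 7427 section 3 layout
    return bytes([len(alg_id)]) + alg_id + signature  # one length octet, the AlgorithmIdentifier, the signature

def parse_auth_data(auth_data: bytes):
    """Split Authentication Data into (signature-algorithm OID, DER parameters, signature)."""
    alg_len = auth_data[0]
    tag, seq, end = read_tlv(auth_data, 1)  # raises if the AlgorithmIdentifier is truncated
    tag2, oid, off = read_tlv(seq)
    if end != 1 + alg_len or tag != 0x30 or tag2 != 0x06:
        raise ValueError("AlgorithmIdentifier must be SEQUENCE { OID, parameters } of the declared length")
    return decode_oid(oid), seq[off:], auth_data[end:]

def parse_pss_params(params: bytes):
    """(hash name, salt length); absent fields take the RFC 4055 defaults SHA-1 and 20."""
    hash_name, salt_len = "sha1", 20
    seq, off = read_tlv(params)[1] if params else b"", 0
    while off < len(seq):
        tag, body, off = read_tlv(seq, off)
        if tag == 0xA0:    # [0] hashAlgorithm: AlgorithmIdentifier { OID, ... }
            hash_name = HASH_NAMES.get(decode_oid(read_tlv(read_tlv(body)[1])[1]), "unknown")
        elif tag == 0xA2:  # [2] saltLength INTEGER
            salt_len = int.from_bytes(read_tlv(body)[1], "big")
    return hash_name, salt_len

def evaluate_auth(auth_data: bytes, rsa_modulus_bits: int = None, *, min_rsa_bits: int = 2048,
                  max_rsa_bits: int = 4096, allow_pkcs1_v15: bool = True, hashes=frozenset({"sha256", "sha384"})):
    """(accepted, reason) under the policy; the defaults are assumptions modelled on the mail's proposal."""
    oid, params, _ = parse_auth_data(auth_data)
    if oid not in SCHEMES:
        return False, "unsupported signature algorithm " + oid
    scheme, hash_name = SCHEMES[oid]
    if scheme == "RSASSA-PSS":
        hash_name, _salt = parse_pss_params(params)
    if hash_name not in hashes:
        return False, f"{scheme} with {hash_name} not allowed"
    if scheme.startswith("RSASSA"):
        if rsa_modulus_bits is None or not min_rsa_bits <= rsa_modulus_bits <= max_rsa_bits:
            return False, f"RSA modulus of {rsa_modulus_bits} bits outside {min_rsa_bits}..{max_rsa_bits}"
        if scheme == "RSASSA-PKCS1-v1_5" and not allow_pkcs1_v15:
            return False, "RSASSA-PKCS1-v1_5 disabled by policy, use RSASSA-PSS"
    return True, f"{scheme} with {hash_name} accepted"

SAMPLES = {  # constructed samples; the signature bytes are placeholders, not real signatures
    "pkcs1v15-sha256": build_auth_data(algorithm_identifier("1.2.840.113549.1.1.11"), b"\x00" * 256),
    "pss-sha256": build_auth_data(algorithm_identifier(OID_RSASSA_PSS, rsassa_pss_params(OID_SHA256, 32)), b"\x00" * 256),
    "ecdsa-sha256": build_auth_data(algorithm_identifier("1.2.840.10045.4.3.2", b""), b"\x00" * 64)}
```

evaluate_auth() only classifies the AlgorithmIdentifier: the RSA modulus size has to come from the peer's certificate, and the signature itself still has to be verified with the peer's key afterwards. The same 2048-bit RSA key passes with the defaults whether the peer signed with PKCS#1 v1.5 or PSS, and is accepted only with PSS once allow_pkcs1_v15=False, which is exactly the kind of knob the RFC4307bis question above is about; the ECDSA sample shows the parameter-less AlgorithmIdentifier that RFC 7427 uses for elliptic-curve signatures.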