Hi Paul and all,

1) All of the DH-groups smaller than 2K in the table 3.4 must not be used because they are not strong enough. Right now, groups 5, 2 and 22 are being listed as "should not" which means that "must not use unless a user has a strong reason". The problem is that a user can always have a strong reason because there is no definition of "a strong reason".

The group 2 (1K DH group) is currently mandatory-to-implement; therefore, implementers must implement it for interop reasons. But, the problem is that the draft is also for users. So, there are two problems. The first one is that the working group should update the standard to mandate a stronger DH group (or an ECC group) (which is hard to get done soon). And, the second (which is urgent) is that the draft should explicitly say that "users must not use those weak groups". The fact that many existing devices are still using the group 2 (1K DH group) does not make the group secure. The document should provide sound technical guidelines for users. If a user still chooses to use a weak group, that would be his/her own fault.

2) Similarly for RSA sizes smaller than 2K and digital signatures using SHA1, "should not" should become "must not".

Regards,
Quynh.

________________________________________
From: IPsec <[email protected]> on behalf of Paul Hoffman <[email protected]>
Sent: Friday, April 8, 2016 3:09:07 PM
To: IPsecME WG
Subject: [IPsec] WG Last Call on draft-ietf-ipsecme-rfc4307bis

Greetings. As discussed on the list for the past few weeks, and in the face-to-face meeting in Buenos Aires (which, for many of us, seems to translate to "too much beef"), draft-ietf-ipsecme-rfc4307bis is ready for WG Last Call. We would like everyone to review it carefully, given that there have been some significant changes over the past few months.

This WG Last Call will end on April 22. It would be grand if everyone on this list would read the draft as if it was brand new and respond on the list with any problems, any questions, or even just "it is ready to progress as-is". Extra points are given for reviewers who don't wait until the last minute.

--Paul Hoffman and Dave Waltermire

_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
