Hi Tero, I personally think that 0 would have been legitimate for the "Identity" hash but the next unassigned value (5) is also ok for me.
Could you please ask IANA for an early assignment of the code point? strongSwan 5.5.2 with Ed25519 support is ready to be deployed, thus we would be able to release the stable version as soon as the code point has been assigned. Best regards Andreas Steffen On 09.02.2017 13:40, Tero Kivinen wrote: > Ah I noticed that my last call email had wrong draft name in the > subject line and in the link. The correct draft name is of course > draft-ietf-ipsecme-eddsa-00 not *-nir-* version. > > David Schinazi writes: >> I've reviewed this draft. I support it and believe it is ready to move >> forward >> towards becoming a standards-track RFC. Also, would it make sense to ask >> IANA for early assignment of the code point? Using 0 sounds reasonable to me. > > As this is expert review registry there is no need to ask for early > allocation, the normal process is just to fill in the IANA general > request for assignments, which then goes to the IANA and they will > then send it to the expert (me) for verification. > > If normal number (other than 0) would be given out, then I would just > say yes, but allocating 0, which in registry is marked as: > > 0 Reserved [RFC7427] > > and is not part of the : > > 5-1023 Unassigned > > range, then I would be bit more hesitant to give it out, and would > most likely want to poll the WG and list before making decision. > > I actually myself think it would be better to just allocate next free > number from the unassigned space, and keep the value 0 as reserved... > > For example we do not use value 0 of Encryption Algorithms transform > to mean ENCR_NULL, we do have separate number allocated for it. On the > other hand we do have value 0 meaning NONE in the Integrity algorithm > transform ID table and for diffie hellman values, but there the > meaning is bit different, it means there is no value for that id, here > it would be meaning that there is this identity function version of > the hash function. > > As an expert and as a implementor I think I would prefer next free > number over 0... Quite commonly in the code we use value 0 as meaning, > we have not yet received anything, or we have not yet initialized this > field, and having separate value for identity function might make > things easier. But if others have good reasons why the value 0 is > better, feel free to tell me... > ====================================================================== Andreas Steffen [email protected] strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[INS-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
