> Thanks for doing this. Great to see folks incorporating such
> things where we can and I'll be interested to see how the
> experiments with this pan out.
Thanks yet again for another review Stephen. We incorporated such things due to
you allowing me to present to the SAAG a couple of years ago and how helpful
people were in general. It was a good idea by Joel to get you guys to be
involved in the design early in the process.
> - intro: (nit) "PKI infrastructure" - the I in PKI
> already means infrastructure:-)
> - intro: (another nit) I don't get why " o Packet
> transport is optimized due to less packet headers.
> Packet loss is reduced by a more efficient key exchange."
> is true.
Less bandwidth utilization both inside of a router and on its external links.
> - 3: (more nittyness:) AEAD is defined in RFC5116.
Put the reference in on the first occurence of AEAD.
> - section 6 non-nit: I don't see why you want cipher
> suites 1, 2 and 4. The set of 3,5 and 6 seems to me like
> it'd be plenty. If it's not too late, I'd encourage you
> to either drop 1,2 and 4 or say those are OPTIONAL and
> 3,5 and 6 are RECOMMENDED.
We had a lot of discussion about this. And consulted a few crypto folks. We
wanted smaller key sizes for devices that were CPU challenged. And we wanted DH
and ECDH for simpler implementation choices. Cipher Suite 4 with key size 3072
with GCM was a strong comment we received.
We are experimenting to see which ones, in time, will be the most popular. So I
would like to leave as is.
> - section 7: I think you should embed the KDF into the
> cipher suite. It's ok to only have one KDF now, but later
> you may want others and it's fairly easy to include the
> KDF as part of the definition of the ciphersuite.
I will add the KDF to section 6 to each of the Cipher Suites and make it the
same for now. Thanks, a good suggestion.
> - section 7: Why didn't you choose RFC 5869 for the KDF?
> That's a more accessible reference I think and just as
lisp mailing list