SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    RE: IPS security draft: SRP groups



    Missed this earlier, sorry ...
    
    > Ok.  I didn't know that but I probably would have learned it if I had
    > done the necessary reading about groups and generators.  But the point
    > of my question wasn't "is it possible to compute g" but rather "how
    > about supplying g in the spec" (since the g=2 from IKE is not
    > appropriate).   It seems a bit redundant for everyone to repeat the
    > search for a suitable g...
    >
    > So what's the story about unlisted groups?  Is an implementation that
    > accepts only the groups listed in appendix A, but not any "locally
    > generated" ones, a compliant implementation?
    > 
    Yes - accepting those groups and only those groups is the minimum
    (MUST) requirement.  If the IKE groups are to remain allowed, we
    need to specify generators for their use with SRP - please consider
    this to be a serious *PLEA* for someone to volunteer to do the
    crpto-theoretic number crunching needed to find SRP generators for
    those groups and/or prove the primality of the SRP primes.  Lack of
    progress here has the potential to hold up the security draft on
    which *all* of our protocol drafts depend (normative references).
    We can promise at least 30 minutes of fame (*twice* the proverbial
    15 ;-) ) to those who resolve this issue ...
    
    Thanks,
    --David
    ---------------------------------------------------
    David L. Black, Senior Technologist
    EMC Corporation, 42 South St., Hopkinton, MA  01748
    +1 (508) 249-6449            FAX: +1 (508) 497-8018
    black_david@emc.com       Mobile: +1 (978) 394-7754
    ---------------------------------------------------
    


Home

Last updated: Mon Jul 08 01:18:51 2002
11167 messages in chronological order