[IPsec] #116: The AUTH payload signature
Yaron Sheffer writes:
> The definition of the payload (sec. 3.8) should mention explicitly
> that the payload hash algorithm is unrelated to the one used in the
> certificate, or the algorithm used to sign the IKE Encrypted
> Payload.
What is the exact wording you are planning to add there? As in some
cases the hash functions are related to the keys used (for example
hash must be SHA if DSS digital Signatures are used) the exact wording
is important. Also it is a very good idea to see that if the other end
used certificates using SHA-2 as their hash algorithm for certificates,
then he most likely does support SHA-2 as auth method hash algorithm
too, so using it to hash the RSA keys might be a good idea.

This means that the hash algorithm used here and the hash algorithm
used in the certificate are related, although that does not mean they
need to be the same.
> Moreover, the words "by default" are confusing and should be
> deleted.
I cannot find the words "by default" in rfc4306 nor in
draft-ietf-ipsecme-ikev2bis-05.txt. Are you referring to this text:
...
To promote interoperability, implementations that support this
type SHOULD support signatures that use SHA-1 as the hash
function and SHOULD use SHA-1 as the default hash function when
generating signatures.
--
kivinen at iki.fi
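
Added illustration, not part of the original message or of any IKEv2 implementation: a PKCS#1 v1.5 RSA signature names its hash inside the signed block (DigestInfo), so a receiver learns the AUTH hash from the signature itself, while a sender can still treat the peer's certificate hash as a hint, as the reply suggests. Function names, the 128-byte block size and the sample octets are assumptions, and the RSA private/public key operation is left out.

```python
import hashlib
import hmac

# DigestInfo DER prefixes as listed in PKCS #1 (RFC 8017, section 9.2).
DIGESTINFO_PREFIX = {
    "sha1":   bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
    "sha384": bytes.fromhex("3041300d060960864801650304020205000430"),
    "sha512": bytes.fromhex("3051300d060960864801650304020305000440"),
}

def emsa_pkcs1_v15_encode(hash_name, signed_octets, k):
    """Build the k-byte block 00 01 FF..FF 00 || DigestInfo that gets signed."""
    digest = hashlib.new(hash_name, signed_octets).digest()
    t = DIGESTINFO_PREFIX[hash_name] + digest
    if k < len(t) + 11:  # PKCS #1 requires at least 8 bytes of FF padding
        raise ValueError("modulus too short for this hash")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def identify_and_verify(em, signed_octets, allowed):
    """Verifier side. `em` is the block recovered with the peer's public key.
    Re-encode for every locally allowed hash and compare the whole block,
    which rejects malformed padding instead of parsing it leniently."""
    for name in allowed:
        try:
            expected = emsa_pkcs1_v15_encode(name, signed_octets, len(em))
        except ValueError:
            continue
        if hmac.compare_digest(expected, em):
            return name
    raise ValueError("no acceptable hash matches the recovered block")

def pick_auth_hash(peer_cert_hash, local_supported, default="sha1"):
    """Sender side (hypothetical policy): use the hash seen in the peer's
    certificate as a hint, otherwise fall back to the SHA-1 default."""
    if peer_cert_hash in local_supported and peer_cert_hash in DIGESTINFO_PREFIX:
        return peer_cert_hash
    return default

# Constructed sample: stands in for the octets signed in the AUTH payload.
SAMPLE_OCTETS = b"constructed signed octets"

if __name__ == "__main__":
    chosen = pick_auth_hash("sha256", {"sha1", "sha256"})
    em = emsa_pkcs1_v15_encode(chosen, SAMPLE_OCTETS, 128)
    print(chosen, identify_and_verify(em, SAMPLE_OCTETS, ["sha1", "sha256"]))
```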