[TLS] Clarify DH calculations

To: tls at ietf.org
Subject: [TLS] Clarify DH calculations
From: Eric Rescorla <ekr at networkresonance.com>
Date: Sun, 03 Jun 2007 08:04:13 -0700
Cc:
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
User-agent: Wanderlust/2.14.0 (Africa) Emacs/21.3 Mule/5.0 (SAKAKI)

http://www3.tools.ietf.org/wg/tls/trac/ticket/35

Pasi writes:

	IMHO it probably would make sense for a TLS implementation
	to use one of the groups specified in RFC 4306 or 3526,
	instead of e.g.  generating a random prime p (generating
	random primes is kind of slow, and then you have to worry
	about RFC 2785 etc.).
	
	(Would others agree with this recommendation? Should we add
	it to the TLS 1.2 spec?)

This also seems like general crypto advice to me.

Proposed resolution: do nothing.

-Ekr



_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

Prev by Date: [TLS] Issue 30: Reject RSA public exponent 1
Next by Date: Re: [TLS] Short Ephermal Diffie-Hellman keys
Previous by thread: [TLS] Issue 30: Reject RSA public exponent 1
Next by thread: [TLS] I-D ACTION:draft-ietf-tls-ecc-new-mac-01.txt
Index(es):
- Date
- Thread

[TLS] Clarify DH calculations

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.