| < draft-ietf-tls-negotiated-ff-dhe-06.txt | draft-ietf-tls-negotiated-ff-dhe-07.txt > | |||
|---|---|---|---|---|
| Internet Engineering Task Force D. Gillmor | Internet Engineering Task Force D. Gillmor | |||
| Internet-Draft ACLU | Internet-Draft ACLU | |||
| Updates: 4492, 5246, 4346, 2246 (if March 1, 2015 | Updates: 4492, 5246, 4346, 2246 (if March 4, 2015 | |||
| approved) | approved) | |||
| Intended status: Informational | Intended status: Informational | |||
| Expires: September 2, 2015 | Expires: September 5, 2015 | |||
| Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for TLS | Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for TLS | |||
| draft-ietf-tls-negotiated-ff-dhe-06 | draft-ietf-tls-negotiated-ff-dhe-07 | |||
| Abstract | Abstract | |||
| Traditional finite-field-based Diffie-Hellman (DH) key exchange | Traditional finite-field-based Diffie-Hellman (DH) key exchange | |||
| during the TLS handshake suffers from a number of security, | during the TLS handshake suffers from a number of security, | |||
| interoperability, and efficiency shortcomings. These shortcomings | interoperability, and efficiency shortcomings. These shortcomings | |||
| arise from lack of clarity about which DH group parameters TLS | arise from lack of clarity about which DH group parameters TLS | |||
| servers should offer and clients should accept. This document offers | servers should offer and clients should accept. This document offers | |||
| a solution to these shortcomings for compatible peers by using a | a solution to these shortcomings for compatible peers by using a | |||
| section of the TLS "EC Named Curve Registry" to establish common | section of the TLS "EC Named Curve Registry" to establish common | |||
| skipping to change at page 1, line 40 ¶ | skipping to change at page 1, line 40 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on September 2, 2015. | This Internet-Draft will expire on September 5, 2015. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2015 IETF Trust and the persons identified as the | Copyright (c) 2015 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 4, line 35 ¶ | skipping to change at page 4, line 35 ¶ | |||
| Codepoints in the NamedCurve registry with a high byte of 0x01 (that | Codepoints in the NamedCurve registry with a high byte of 0x01 (that | |||
| is, between 256 and 511 inclusive) are set aside for FFDHE groups, | is, between 256 and 511 inclusive) are set aside for FFDHE groups, | |||
| though only a small number of them are initially defined and we do | though only a small number of them are initially defined and we do | |||
| not expect many other FFDHE groups to be added to this range. No | not expect many other FFDHE groups to be added to this range. No | |||
| codepoints outside of this range will be allocated to FFDHE groups. | codepoints outside of this range will be allocated to FFDHE groups. | |||
| The new code points for the NamedCurve registry are: | The new code points for the NamedCurve registry are: | |||
| enum { | enum { | |||
| // other already defined elliptic curves (see RFC 4492) | // other already defined elliptic curves (see RFC 4492) | |||
| ffdhe2432(256), ffdhe3072(257), ffdhe4096(258), | ffdhe2048(256), ffdhe3072(257), ffdhe4096(258), | |||
| ffdhe6144(259), ffdhe8192(260), | ffdhe6144(259), ffdhe8192(260), | |||
| // | // | |||
| } NamedCurve; | } NamedCurve; | |||
| These additions to the Named Curve registry are described in detail | These additions to the Named Curve registry are described in detail | |||
| in Appendix A. They are all safe primes derived from the base of the | in Appendix A. They are all safe primes derived from the base of the | |||
| natural logarithm ("e"), with the high and low 64 bits set to 1 for | natural logarithm ("e"), with the high and low 64 bits set to 1 for | |||
| efficient Montgomery or Barrett reduction. | efficient Montgomery or Barrett reduction. | |||
| The use of the base of the natural logarithm here is as a "nothing- | The use of the base of the natural logarithm here is as a "nothing- | |||
| End of changes. 5 change blocks. | ||||
| 5 lines changed or deleted | 5 lines changed or added | |||
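Review bot: In the NamedCurve enum block (page 4), codepoint 256 is renamed from ffdhe2432 to ffdhe2048 while its value stays the same, and the summary reports only 5 changed lines, so no other text moved with the rename. Please confirm that Appendix A, which the paragraph after the enum says describes these additions in detail, already defines the group under the name ffdhe2048, and that no reference to ffdhe2432 remains elsewhere in the document. Because the codepoint value is unchanged under a different name, a brief mention of the rename would help anyone who implemented codepoint 256 from -06.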