idnits 2.17.1

draft-josefsson-tls-curve25519-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  -- The draft header indicates that this document updates RFC4492, but the
     abstract doesn't seem to mention this, which it should.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

     (Using the creation date from RFC4492, updated by this document, for
     RFC5378 checks: 1998-03-18)

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer.
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (September 24, 2013) is 3838 days in the past.  Is this
     intentional?

  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  ** Obsolete normative reference: RFC 4492 (Obsoleted by RFC 8422)

  ** Obsolete normative reference: RFC 5246 (Obsoleted by RFC 8446)

  ** Obsolete normative reference: RFC 6347 (Obsoleted by RFC 9147)

     Summary: 3 errors (**), 0 flaws (~~), 1 warning (==), 3 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                       S. Josefsson
Internet-Draft                                                    SJD AB
Updates: 4492 (if approved)                           September 24, 2013
Intended status: Informational
Expires: March 28, 2014


    Elliptic Curve Diffie-Hellman Key Agreement using Curve25519 for
                     Transport Layer Security (TLS)
                   draft-josefsson-tls-curve25519-01

Abstract

   This document specifies the use of Curve25519 for key exchange in the
   Transport Layer Security (TLS) protocol.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on March 28, 2014.

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

1.  Introduction

   In [Curve25519], a new elliptic curve function for use in
   cryptographic applications was specified.  Curve25519 is a
   Diffie-Hellman function.  Curve25519 was designed with performance
   and security in mind.

   [RFC4492] defines the usage of elliptic curves for authentication and
   key agreement in TLS 1.0 and TLS 1.1, and these mechanisms are also
   applicable to TLS 1.2 [RFC5246].  The use of ECC curves for key
   exchange requires the definition and assignment of additional
   NamedCurve IDs.  This document specifies that value for Curve25519.

   Curve25519 is not directly suitable for authentication, and thus not
   applicable for signing of e.g. PKIX certificates.  See
   draft-josefsson-eddsa-ed25519 for a parallel effort.

   Acknowledgement: This document was inspired by the content and
   structure of draft-merkle-tls-brainpool-04.

2.  Curve25519 NamedCurve Type

   According to [RFC4492], the name space NamedCurve is used for the
   negotiation of elliptic curve groups for key exchange during a
   handshake starting a new TLS session.  This document adds a new
   NamedCurve type for Curve25519 as follows.

      enum {
           curve25519(TBD1),
      } NamedCurve;

   The curve is suitable for use with DTLS [RFC6347].

3.  IANA Considerations

   IANA is requested to assign numbers for Curve25519 listed in
   Section 2 to the Transport Layer Security (TLS) Parameters registry
   EC Named Curve [IANA-TLS] as follows.

          +-------+-------------+---------+-----------+
          | Value | Description | DTLS-OK | Reference |
          +-------+-------------+---------+-----------+
          |  TBD1 |  curve25519 |    Y    |  This doc |
          +-------+-------------+---------+-----------+

                                 Table 1

4.  Security Considerations

   The security considerations of [RFC5246] apply accordingly.

5.  References

5.1.  Normative References

   [Curve25519]
              Bernstein, J., "Curve25519: new Diffie-Hellman speed
              records",
              WWW http://cr.yp.to/ecdh/curve25519-20060209.pdf,
              February 2006.

   [RFC4492]  Blake-Wilson, S., Bolyard, N., Gupta, V., Hawk, C., and B.
              Moeller, "Elliptic Curve Cryptography (ECC) Cipher Suites
              for Transport Layer Security (TLS)", RFC 4492, May 2006.

   [RFC5246]  Dierks, T. and E. Rescorla, "The Transport Layer Security
              (TLS) Protocol Version 1.2", RFC 5246, August 2008.

   [RFC6347]  Rescorla, E. and N. Modadugu, "Datagram Transport Layer
              Security Version 1.2", RFC 6347, January 2012.

5.2.  Informative References

   [IANA-TLS]
              Internet Assigned Numbers Authority, "Transport Layer
              Security (TLS) Parameters", .

Author's Address

   Simon Josefsson
   SJD AB

   Email: simon@josefsson.org
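
Added example (not part of the draft or of the idnits output): how a NamedCurve value such as the one requested in Section 2 is carried in the RFC 4492 elliptic_curves extension, with strict length checks on the parsing side. TBD1 is unassigned in this draft, so CURVE25519_TBD1 is a placeholder taken from the RFC 4492 private-use range; the function names and the server-preference selection policy are assumptions.

```python
import struct

EXT_ELLIPTIC_CURVES = 10   # RFC 4492 extension type "elliptic_curves"
SECP256R1 = 23             # NamedCurve value assigned in RFC 4492
# Placeholder for the draft's unassigned TBD1: 0xFE00 comes from the
# NamedCurve private-use range of RFC 4492 and is NOT an IANA assignment.
CURVE25519_TBD1 = 0xFE00


def encode_elliptic_curves(curves):
    """Build the whole extension: type, length, then EllipticCurveList."""
    if not curves:
        raise ValueError("elliptic_curve_list must hold at least one curve")
    body = b"".join(struct.pack("!H", c) for c in curves)
    data = struct.pack("!H", len(body)) + body
    return struct.pack("!HH", EXT_ELLIPTIC_CURVES, len(data)) + data


def parse_elliptic_curves(ext):
    """Return the offered NamedCurve ids, rejecting inconsistent lengths."""
    if len(ext) < 4:
        raise ValueError("truncated extension header")
    ext_type, ext_len = struct.unpack("!HH", ext[:4])
    if ext_type != EXT_ELLIPTIC_CURVES:
        raise ValueError("not an elliptic_curves extension")
    data = ext[4:]
    if ext_len != len(data) or ext_len < 2:
        raise ValueError("extension length does not match payload")
    (list_len,) = struct.unpack("!H", data[:2])
    body = data[2:]
    # Each NamedCurve is two bytes, so the list length must be even and > 0.
    if list_len != len(body) or list_len == 0 or list_len % 2:
        raise ValueError("bad elliptic_curve_list length")
    return [struct.unpack("!H", body[i:i + 2])[0]
            for i in range(0, list_len, 2)]


def select_curve(server_prefs, offered):
    """Assumed policy: first server-preferred curve the client offered."""
    return next((c for c in server_prefs if c in offered), None)


# Constructed sample: a client offering the placeholder curve, then secp256r1.
SAMPLE = encode_elliptic_curves([CURVE25519_TBD1, SECP256R1])

if __name__ == "__main__":
    offered = parse_elliptic_curves(SAMPLE)
    print(SAMPLE.hex(), offered, select_curve([CURVE25519_TBD1], offered))
```

A server that does not recognise the new value simply never selects it, which is why an implementation should skip unknown NamedCurve ids rather than reject the list.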